New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Netty 5] Early data for TLSv1.3 #8539
Comments
Is there anything special that needs to happen other than using Session Tickets (or IDs) in conjunction with TLS 1.3? I'm speaking in terms of server side, a client might require some extra work. |
Adding link to this SSL_read_early_data for future reference. |
@normanmaurer I'd like to take a stab at this. |
To give a little update. The TCN side is pretty straight forward. BoringSSL uses a slightly different API than OpenSSL but I believe Boring's API can be "massaged" to emulate the OpenSSL API/behavior. I have that stuff compiling and hypothetically working. Now, SSLEngine#wrap/unwrap is where the skeletons lie. I'm afraid none of the state and logic flow hold in the context of early data. It'll take a few 🍷 to untangle it. |
@rkapsi Any updates? |
Also, we need a way to notify |
TLSv1.3 supports the concept of early data. We should add support for it.
The text was updated successfully, but these errors were encountered: