-
-
Notifications
You must be signed in to change notification settings - Fork 10k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support TLS False Start #1541
Comments
@richsalz - Hi, is someone working on this? |
As far as I know, nobody is. |
What are we doing with early-data in TLS 1.3? Any API changes? |
yes there will be API additions for early-data. |
Have proposed APIs been outlined somewhere? I wonder if there is something that can be shared between false start and early data. |
I am still concentrating on the core TLS1.3 implementation. I've not really given early data much thought yet - so, no, I have not outlined an API anywhere. |
And false start isn't the same as early data; the security properties are different: false start can't be replayed, early data can, for example. |
Hi Rich, Is false start API available ? I can see the enable early data API in the TLS 1.3 draft 20 master branch. |
Github pull requests are a bad place to have ongoing discussions. Consider joining the openssl-users mailing list and posting there; https://mta.openssl.org
|
As someone only keeping a casual eye on things, github pull requests are a much easier place to monitor and post. Once the discussion has concluded, could you post a summary here? |
Marking as inactive, to be closed at the end of 3.4 dev barring further input |
As described in RFC 7918
BoringSSL has the flag
SSL_MODE_ENABLE_FALSE_START
(to be passed toSSL_CTX_set_mode
and friends), it seems reasonable to use the same interface.The text was updated successfully, but these errors were encountered: