Re: [quicwg/base-drafts] Text on session resumption (#3566)

Martin Thomson <> Tue, 14 April 2020 00:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3FB0F3A21D0 for <>; Mon, 13 Apr 2020 17:27:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.168, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2LACeUqO0zOU for <>; Mon, 13 Apr 2020 17:27:11 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 00AD03A21C4 for <>; Mon, 13 Apr 2020 17:27:10 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id F4112A04F6 for <>; Mon, 13 Apr 2020 17:27:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1586824030; bh=vp4DqzcH0E+EdRxGgigmqXjvKU3W5sKmUPdQUMelMHs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=JOpT4LguF1sGxgIdaTZniCJgAbr1h+LVSNgmbnNC5B6CpIxff1Tt8UEhMIjpQrkpe sR4VZTO8KJk8cg5YljfjISswJ9ah13nusf66HiAgGTKmf1Pcicd9y2QGd6/PHyDQRx 66+VPgvG76iyczt4ydLEZa1AsaSpI6N+hLbrQJUo=
Date: Mon, 13 Apr 2020 17:27:09 -0700
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3566/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Text on session resumption (#3566)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e95035de3c1a_67513fb9aeccd95c6750"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 Apr 2020 00:27:12 -0000

@martinthomson commented on this pull request.

> +
+Endpoints that use sesion resumption might need to remember some information
+about the current connection when creating a resumed connection. TLS requires
+that some information be retained; see Section 4.6.1 of {{!TLS13}}. QUIC itself
+does not depend on any state being retained when resuming a connection, unless
+0-RTT is also used; see {{enable-0rtt}} and Section 7.3.1 of
+{{QUIC-TRANSPORT}}. Application protocols could depend on state that is
+retained between resumed connections.
+Clients can store any state required for resumption along with the session
+ticket. Servers can use the session ticket to help carry state.
+Session resumption allows servers to link activity on the original connection
+with the resumed connection, which might be a privacy issue for clients.
+Clients can choose not to enable resumption to avoid creating this correlation.
+Client SHOULD NOT reuse tickets as that allows entities other than the server

TLS uses "reuse", so we can reuse that (sorry).

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: