Re: [TLS] Fwd: I-D Action:draft-bmoeller-tls-falsestart-00.txt

Bodo Moeller <> Fri, 04 June 2010 09:48 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E47443A6824 for <>; Fri, 4 Jun 2010 02:48:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -100.223
X-Spam-Status: No, score=-100.223 tagged_above=-999 required=5 tests=[AWL=-0.574, BAYES_50=0.001, HELO_EQ_DE=0.35, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id VJQGhQUXA-NO for <>; Fri, 4 Jun 2010 02:48:03 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 51C883A6A1F for <>; Fri, 4 Jun 2010 02:47:29 -0700 (PDT)
Received: from [] ([]) by (node=mreu1) with ESMTP (Nemesis) id 0LkUgR-1Os9DQ1UTL-00bj7M; Fri, 04 Jun 2010 11:47:12 +0200
From: Bodo Moeller <>
To: Michael D'Errico <>
In-Reply-To: <>
References: <> <> <>
Message-Id: <>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Fri, 4 Jun 2010 11:47:09 +0200
X-Mailer: Apple Mail (2.936)
X-Provags-ID: V01U2FsdGVkX1/1iGzyFMZuOrqAj5+vugpuD6kbZsPGIoQEiFE i3JVUPkeQNyUTze24IYIxYj0+1rtE/o8LUf8YKXPjvgsGCd4we MorQsQCSwrvsJxPO4xkZw==
Cc: TLS Working Group <>, Nagendra Modadugu <>
Subject: Re: [TLS] Fwd: I-D Action:draft-bmoeller-tls-falsestart-00.txt
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 Jun 2010 09:51:05 -0000

On Jun 3, 2010, at 7:31 PM, Michael D'Errico wrote:

> I think the current name doesn't describe the feature very well.   
> SMTP and
> HTTP call it "pipelining" so perhaps you could use that name instead.


thanks for the comment.

Yes, "TLS False Start" is an application of the pipelining principle.   
However, I think the name "pipelining" isn't sufficiently specific,  
and thus misleading: even without "False Start", you can have  
pipelining with TLS (for application data).

Furthermore, there are important non-obvious security considerations,  
and if we just called this "pipelining", implementors might mistakenly  
believe they know what's going on because they know pipelining from  
other protocols.  We do want them to read the security considerations  
first.  I hope that the name "False Start" becomes clear once you've  
got the idea behind it: a party starts before it has received a "go"