[TLS] Re: 【Reply to the comments after the presentation in Montreal】RE: Re: FW: New Version Notification for draft-wang-tls-service-affinity-00.txt
Peter Gutmann <pgut001@cs.auckland.ac.nz> Mon, 05 January 2026 02:03 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 83EF2A2A4904 for <tls@mail2.ietf.org>; Sun, 4 Jan 2026 18:03:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.auckland.ac.nz
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HhvqLgqmJ_x8 for <tls@mail2.ietf.org>; Sun, 4 Jan 2026 18:03:05 -0800 (PST)
Received: from SY8PR01CU002.outbound.protection.outlook.com (mail-australiaeastazon11020075.outbound.protection.outlook.com [52.101.150.75]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E7181A2A472D for <tls@ietf.org>; Sun, 4 Jan 2026 18:02:47 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=nO3ym0YcC4FE3prtN9xTMJBz7NTprJVCdkGHPr5oxpvBUbZUk3V4cNA5h0pbidWNXlDtLq59/EfAB+DZSkl//Ys4f+Z2Rk0UGUYy02QYPQ9vauO4jbPRq67W3LmmlXSLTE4OdeFRh9FwB1m5oRy62HANG3i5dfzImAdErhcE0g/QjSgi0biMQDUbe5F3ahs1sEq7UcQazGkz5DR7mRweWLmoN0K9pk/44rsjPO4AsZAdx0tWP3o5fRwp/ZEZOb/6/sZR7SlTJcS/8NctEM1oYcMvAlNee36UG6mNr76glbYVPV63BzPtIhHBZ1Z8SjcysMnXzyDMi/Jqkml5mwSuxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=j6yKrd9k2w2ZNzj+Wp0dB8sQ/78buR91Cdrt5iOSLLs=; b=jSXzGd9rhseEQFevDb/hvhHpJb0kQvyKti1OElTYiBHslTtHGijaueeGNDbnzG0pbJpA1R5Nb+0HlZddi9HedyZmMQScNQ+esTlEGDUi33H653BDX/ytDYzyvSKRpbLLaF+OZScjqzmvINFr2+w7KrV9mJwMww2LO5IuLQCaVEK3z9nxAPw5Vo4tuKD4j6fbkLru8nJmD+VOSDgmWAtIALh5qwtnmL83RW7Q9/wBetpWL3DB9VUaAzHBlNDfGYBteNrdX5ozNrY2BEDR9vQ0Fag950yJZH2ors0nOW4TuSoJCTmWEYtNVfAK868b60fkQ5BWigPhBSCwlCK/S8DrTg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.auckland.ac.nz; dmarc=pass action=none header.from=cs.auckland.ac.nz; dkim=pass header.d=cs.auckland.ac.nz; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.auckland.ac.nz; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=j6yKrd9k2w2ZNzj+Wp0dB8sQ/78buR91Cdrt5iOSLLs=; b=qQ/M6uUjWzFi0q8OrqRgHNSjdhAJrjfXFb7RFae4fd0gVkrYcFlvRbrdrFH7ms++nSktB29wzW7hJNtMQOgEpMJd0gz7gx+03zU7AT4IRCFoleUp5fo6yYEkMaAXKpxTnKjQQk7oy+/noXg6VSkHZMF4RfLmxYaJ4uDkrLd4j3Uh1qZjcrorfAVr6XVSe8f1FgsinmX8+/sW3sl0r/8aQIPO38037V9cEEKhSc1W2zybE+3im8PbmNIJZVnUSXvqdoJDxgZq8MH3y/qgETWx1GSdo8VU16Gk54/rp0YepMnshoBYSgcAqR3ZGJN3MqJmunLLPlpvsEJjZaFoyljeyA==
Received: from ME2PR01MB3650.ausprd01.prod.outlook.com (2603:10c6:220:22::21) by ME3PR01MB7364.ausprd01.prod.outlook.com (2603:10c6:220:137::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Mon, 5 Jan 2026 02:02:35 +0000
Received: from ME2PR01MB3650.ausprd01.prod.outlook.com ([fe80::8582:5be8:2893:b364]) by ME2PR01MB3650.ausprd01.prod.outlook.com ([fe80::8582:5be8:2893:b364%5]) with mapi id 15.20.9478.004; Mon, 5 Jan 2026 02:02:35 +0000
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Eric Rescorla <ekr@rtfm.com>, Aijun Wang <wangaijun@tsinghua.org.cn>
Thread-Topic: [TLS] Re: 【Reply to the comments after the presentation in Montreal】RE: Re: FW: New Version Notification for draft-wang-tls-service-affinity-00.txt
Thread-Index: AQHcdsOHyS5UhaM0GE6bzAiGfOi4i7U5+6KAgABLdQCABwIPgIAACE4AgAGPVvs=
Date: Mon, 05 Jan 2026 02:02:35 +0000
Message-ID: <ME2PR01MB365076CEC09B5D5D9DD30016EE86A@ME2PR01MB3650.ausprd01.prod.outlook.com>
References: <000001dc7615$cf415b70$6dc41250$@tsinghua.org.cn> <CABcZeBM=59id8msEU2i=qQXiwNKZnHTBAJ85zmEKD8USQF5z_w@mail.gmail.com> <004e01dc7974$957ebab0$c07c3010$@tsinghua.org.cn> <CABcZeBPgw0Fsz0QyD6T2Q8CoZcWbXQS_ptoTqNfbBGydawdVRw@mail.gmail.com> <011601dc7d1b$57b5bf30$07213d90$@tsinghua.org.cn> <CABcZeBMZUe4KuokvccxPGr7SjKhca8aFZcsNTH++A+G9V-94Mw@mail.gmail.com>
In-Reply-To: <CABcZeBMZUe4KuokvccxPGr7SjKhca8aFZcsNTH++A+G9V-94Mw@mail.gmail.com>
Accept-Language: en-NZ, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.auckland.ac.nz;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: ME2PR01MB3650:EE_|ME3PR01MB7364:EE_
x-ms-office365-filtering-correlation-id: 50ff27e3-8e4c-46df-8893-08de4bfe7edb
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|786006|376014|10070799003|38070700021;
x-microsoft-antispam-message-info: pptavCf6Esabz85tS6SePyI8GmQyOsthagl77Rw47+I3vna2m4ajQxQls7mDO4nK7C270fOpnoyJaj/yiPGD8FUP9xmTEgEiWkzjHhz0Vah3Ld/Ye/HnsMmgsHfkLTPAg+cY28dmxW3Yo3zCk9qBOHkXyXcVIpDqWYZtEYf+OqHK0/1ES3bz5gdM4hC8oPBd942lD7gggL+/VtEKXUSSFDlDVqr+ge8zuFcL5PCDRZiTMlzdy9HwyRbC+ipZFSQ2D86mNic7BTkZMtV9K4QRKIqprNWzqiBsvp0ZqiQhT7uccfzl5ZchvJV1hFFImCJCX6UtycpXb2TrFyu6h4mWcAFlibOAF4ICvc17M0ZUftDeKFnmUWhKuWjU5MT6p3ohyyX9lU8LoctrJHLk//n5eLRUvBzYXrk2hi4t0pd7xBX8y3sJ7PrT6n/sKWULoFOe6m4Hi3udFJRiu4snEuwcOOBGjVlGm3jpiiQyfJBAH6RDuJMYYwE89qZR0+Ogn07Og+5IRC+4fqe07H0KVTrspHtBHDwX9Yju1MCa0iNP5ZmnIJXQP4bQCu4sF4v9/7bsioluO/cVXXjPbWt0VSBZCnn+KzPBSA4d2UMDvVJp70GpdMrHuRjcNhNar0vJ0alSQn642IEx53Wv0opafidur5XjsdcEmpyAROHZz4U6s7PEAXg+iZBC76TZu8d9Cmo6Hjpq8FDC5bNNtONw6qf7MxwWb0EEge+S+xkvuI0cKxL5UL+ZLNZZbXmmU2GC7Qc877YILO+fSQZ1v/F6NjjqxDyMq/D+CvmdGJp5nlQmym+axGTapT+QNjhGklQNDVRpoLY8+9HTLLoxSp8zT2oaB2ACy1n+GuipjeqEim/JECxo9pj2y5m9MHjCF0bl/xj/3IuBuBmQbCX4GDa8RvqaHlzVKPw9VKWXWACn06zQWG7Xvb0Rfe7377wpYRK2A0WX1H7VA/bFF0685sfOOxmj/GxfJWJ2IqGyfa/vE6mggQDQaT8F1rBJxg7sW08ek6/Ky/OyK+heWTzMPaojoJAqtXVquGCJppmEgR+319Ar/QvPTZsFrd++nFNBBsZGtOkKcjRDIa9RjeGL9/MSrWiNjr5eWULHlyFup7yRVFXgcQhpxLY9CPfUs8ii3qebpjb7nKvSZS2PkLvgf2vFqDo0uHjWoh4u6qgCBQFiBsCsK6KkPNdyUh3QOeNpmPIIdJzHtuMeCxk51qWanLd1ujDDuPl0Y31V1dBzMpXkzqjsx+GMi5kbWCOn7goGfM3Bj0S8IGURJZCmw3WTlosD8BHkKJt3CJ2n3kLpoK6jFSGqoRKjy4xXftuelLNStYVmg4c4oHLg44i00zILKW82VS0NeWMdyGSDT8zZ4J1Lw5kwxdmWme3ddJJ7VFlhtEkGXvyl1Ps0alxqqYFv/MdGUzZqwHhIz8cFI9CTN1PDkvFtsq+WLwiDBBHx6SN/jPY+XHu9bpO/mHHPTi5qGBCW3CJAut2VSXVixXxo7+rkPLwwdjLaLvXU+UHIIwa/0IqUxJz2
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:ja;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:ME2PR01MB3650.ausprd01.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(786006)(376014)(10070799003)(38070700021);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: hY9sNNejHmYaV3xbjWPh3kDK8ZjMTIlgBeeiIEaTHOHz7jkiHWGJkmOhJ2i/Lmuyc7LA6SDKQBKCSrwc3cmZc7/pfv5+ENBc/V+iGLxstR/0Wsgc9dUQFNdqKQxfRkBd3ZViN/vX3Td/7HKrQ1BXLHvl2RB1utQQEx8u/nF+CT5HFP4B1N5dFa9E/y8nldjxkeaoinEvK2GMQIbqOil9vp75lmwvzs85hgTij/m67mbt8b9be3UCM5XfNyPfWY+XylxAnul+FKmahmsq0ymvcU6Bai0m4/X+CnQ1Jea97ery72f0G1rGuKbqmPOCca8DM25ZTQfp0rUd9pmJeTsfNduwP2axoXyFqg3kgP4kvZgOI9LdDu0pMjVWxi4baXD/SKamb2vmODNi6DicqSpmAnmYQXJfxjHTMEX20Bv6x0RqiCzWrTnEcs7Jy5TFQ6He0+JFP149B0OHSz0PvAhW1vLOrXMLr1ifRs6sxK50L3MpCimXy80oSZ7dlXGrooN2zsmULicdsgHwIvpVz11aNq/tdNVazfDtM2Ze1RBwL0RSx4n2+8HgRyhGLY9M9bEOV1J87M4ADXVSFpYk9KVbsKFR6D6x5EWLk7epAAkCsbL0E75TPkc5/je8dRtHBQakfkXPjDMlClMuwhod62/MymOBRSNasyyVHw/nDEpg1xCfrmqNo2Sqm+Ve8lZmUUCB9bWhpVvlSp7lQfWbaD5iwEER6+enCLxlL5oh9kVqKpcwILF3OM+ztUG01O8dmDR6ZKThp2XAZI/qcaCMIHdQHsz2O9xqQdwYeG0aF3v4gP7RXIqUwveD8Ix7vfe3VOVU5jzV+2/3l546WVea07ZCpA5exg8agb0JTdAQ0FukP/iSAsWi9XU/8xkaQZ7jr1hNLfCshFq7n90KE4SsuOfBU5sm6XzBlCp3wsRyhWTD1NoJ8lY81BXZsOeHFu7GxWD1FsvJ1QPuFFVhB6g/s0xyimM0aQaXy84sA32RLgdnBBQDI2bVJLfYAsxdtoEMJKTTv3ThdKmwa9c8iM8RKfVg3NX3O8H/Plx2iaH9Dkdaj08BQok+jfhs1AgIobzHyBscodJi4VpDKYeUpivWC50X2dusZJ5kNyj59FielYuIp5J+0gOKVI8MDUpIeKStR11N/YXa/rd337Z1DbVPhJnTZkuG+qlNEUXpbL/vP7silc7ZCxP5ojKtN0qOSQD2+yKQQ+oL+dpPsNlQBBJxJVO6YrzlEsDQoT8/qeYVjzGaVzLJFDIIaXmqknxhUGxSBVAyM87h8qkZwMOxQwwBQmwNi3PeUD39zqv1pF99zkEPme8LbzaK5UdjD/nO+6Nslp4obCucjqIhZrvy7NbhNDJ0wRexCwzAepfgLcLORY/SH8PlVcVckscSV8cxAXXIk8tF3K2xCQXk53q88LPEZ1IOzNHpIPcHO2vk9JFo/wXuRlFvfTw/WAs19rBFH8GlNKko8t5MS5qGfu3Cb0WOWaGv3+RuDITrpLQ7+6uQmItUbvMAA4mbtRuqe3V3oH3S+QqTCPLiU3g6gelQIfTLMU/iJXbunKMyVQfdxLfOm+SBjmz7/6+WYoV4DTHqDNxxReSyoCH3qWICmE1R8htRJPxx8krJLitkZIbWz+LE4bw8JSfJs3B3HOnjC75PEXbuFRl32VP8LciVALNYNyWkI9/IvNn/c4a08Om+jXlhtE9EuaEdvnP4eC9AcnPVY34RwCHceWCNndsdHKByL/Qk34Upg3ONQEZk3i99JJFf+Ko5W6cmjVoYBN76NFMnBQ+lXWqza+dkM3da
x-ms-exchange-antispam-messagedata-1: +Bsa9HL+xrrbMQ==
Content-Type: text/plain; charset="iso-2022-jp"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: ME2PR01MB3650.ausprd01.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 50ff27e3-8e4c-46df-8893-08de4bfe7edb
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jan 2026 02:02:35.5050 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kWiewzL+TYNYYToINrsiEkVxStvhP2B+lKsx66rbbdq+XBNDBzWsGkWIfRXIJuJa8lE0Zbz9/QNfDh8tJlK76ayOnowRiv8/QW1SyP1GW+s=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: ME3PR01MB7364
Message-ID-Hash: IHOJN7A3X2DIPDPZOZD7B7T4HT6DJQPJ
X-Message-ID-Hash: IHOJN7A3X2DIPDPZOZD7B7T4HT6DJQPJ
X-MailFrom: pgut001@cs.auckland.ac.nz
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: 【Reply to the comments after the presentation in Montreal】RE: Re: FW: New Version Notification for draft-wang-tls-service-affinity-00.txt
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Ko28_PayenYUaqwLpLi7Y1TzzlE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Eric Rescorla <ekr@rtfm.com> writes: >The TLS specification takes no position on when (1) clients should attempt >resumption and (2) servers should allow it. The design however strongly discourages its use. Because of the way TLS 1.3 reinvented the whole protocol using extensions, you can't know in advance whether the server will allow a resumption or not as you do with TLS classic, which means you always need to send a pile of guessed keyexes in your client hello for when it doesn't, making it the same as a non-resumed client hello. Alternatively, you can not send the guessed keyexes and trigger the hello- retry dance, which with network delays is even more expensive than sending the guessed keyexes. So there's not much point to resumption to save effort as it was with TLS classic, you have to do most of the full-handshake crypto (or take the hello- retry hit) either way, and implementing resumption just adds even more complexity and attack surface. Peter.
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Martin Thomson
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Peter Gutmann
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] 【Reply to the comments after the presentati… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Eric Rescorla
- [TLS] Re: 【Reply to the comments after the presen… Christian Huitema
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Peter Gutmann
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Aijun Wang
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Re: 【Reply to the comments after the presen… Wei Wang
- [TLS] Re: 【Reply to the comments after the presen… Muhammad Usama Sardar
- [TLS] Comments on draft-wang-tls-service-affinity… Muhammad Usama Sardar
- [TLS] Re: Comments on draft-wang-tls-service-affi… Wei Wang
- [TLS] Re: Comments on draft-wang-tls-service-affi… Muhammad Usama Sardar