[TLS] TLS 1.3 multiple session tickets from the client?

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 10 May 2018 04:10 UTC

Message-Id: <773A6343-2978-4195-BF53-B5253E3B9129@dukhovni.org>
Date: Thu, 10 May 2018 00:10:40 -0400
To: TLS WG <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/oyf9RSte7mk65fTW6sK0POGo3ss>

TLS 1.3 allows clients to send multiple PSK identities, with the server
choosing one.  When, if ever, might it make sense for the client to
send multiple session tickets to the server?  If this is not expected,
is it sufficiently odd for a server to ignore any tickets after the
first (if that one is not usable)?
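
The structure the question refers to, as an added example that is not part of the original message: a parser for the OfferedPsks body of the pre_shared_key extension (RFC 8446, section 4.2.11) and the two server behaviours being compared. The function names, ticket values and the `usable` callback are hypothetical, and the binders in the sample are zero-filled placeholders.

```python
import struct

def build_offered_psks(tickets):
    """Encode OfferedPsks from (identity, obfuscated_ticket_age) pairs.
    Binders are 32 zero bytes each: constructed placeholders, not real HMACs."""
    ids = b"".join(struct.pack("!H", len(t)) + t + struct.pack("!I", age)
                   for t, age in tickets)
    binders = b"".join(b"\x20" + bytes(32) for _ in tickets)
    return (struct.pack("!H", len(ids)) + ids +
            struct.pack("!H", len(binders)) + binders)

def parse_identities(data):
    """Return [(identity, obfuscated_ticket_age)] in the order the client sent."""
    if len(data) < 2:
        raise ValueError("truncated OfferedPsks")
    (total,) = struct.unpack_from("!H", data, 0)
    off, end, out = 2, 2 + total, []
    if end > len(data):
        raise ValueError("identities vector overruns extension data")
    while off < end:
        if end - off < 2:
            raise ValueError("truncated PskIdentity length")
        (n,) = struct.unpack_from("!H", data, off)
        off += 2
        if n == 0 or off + n + 4 > end:
            raise ValueError("malformed PskIdentity")
        (age,) = struct.unpack_from("!I", data, off + n)
        out.append((data[off:off + n], age))
        off += n + 4
    return out

def select_identity(identities, usable, first_only):
    """Return the selected_identity index, or None (fall back to full handshake).
    first_only=True models a server that ignores tickets after the first.
    A real server must also verify the binder at the chosen index."""
    candidates = identities[:1] if first_only else identities
    for index, (ident, _age) in enumerate(candidates):
        if usable(ident):
            return index
    return None

# Constructed sample: the first ticket is unknown to the server, the second is valid.
SAMPLE = build_offered_psks([(b"ticket-expired", 1000), (b"ticket-valid", 2000)])
KNOWN = {b"ticket-valid"}

def demo():
    ids = parse_identities(SAMPLE)
    usable = lambda ident: ident in KNOWN
    return (select_identity(ids, usable, first_only=True),
            select_identity(ids, usable, first_only=False))
```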