
TLS 1.3 Early Data (0RTT)

Matt Brubeck mbrubeck at limpet.net

Thu Jun 25 01:36:24 BST 2020

- - - - - - - - - - - - - - - - - - - 

One of the acknowledged disadvantages of TLS for Gemini is latency. TLS 1.3 has a feature that could mitigate this problem in some circumstances. To quote RFC 8470:

TLS 1.3 [TLS13] introduces the concept of early data (also known as
zero round-trip time (0-RTT) data). If the client has spoken to the
same server recently, early data allows a client to send data to a
server in the first round trip of a connection, without waiting for
the TLS handshake to complete.
When used with HTTP [HTTP], early data allows clients to send
requests immediately, thus avoiding the one or two round-trip delays
needed for the TLS handshake. This is a significant performance
enhancement; however, it has significant limitations.
The primary risk of using early data is that an attacker might
capture and replay the request(s) it contains.

Has anyone implemented a Gemini client and/or server with support for 0-RTT data? Any thoughts on which requests can safely use it? (For example, would it be reasonable to allow early data for all requests that don't use a client certificate?)
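As an added example (not from this post or from any Gemini implementation), a server-side gate for early-data requests in Python, using hypothetical names and constructed inputs: it defers any request that presents a client certificate or carries a query string until the full handshake completes, and records ClientHello randoms for the ticket window so a replayed early-data flight is detected (the "recording" anti-replay strategy described in RFC 8446 section 8).

```python
import hashlib
import time
from collections import OrderedDict
from urllib.parse import urlsplit


class EarlyDataGate:
    """Decide whether a Gemini request that arrived as TLS 1.3 early data may be
    served before the handshake finishes. Two checks: a replay-safety policy on
    the request itself, and a bounded ClientHello cache that detects a resend
    within the ticket window. Anything failing either check is held until the
    handshake completes, after which the request is no longer replayable.
    Hypothetical class; not part of any real Gemini server."""

    def __init__(self, window_seconds=60, max_entries=10000):
        self.window = window_seconds
        self.max_entries = max_entries
        self.seen = OrderedDict()  # sha256(ClientHello.random) -> first-seen time

    @staticmethod
    def request_is_replay_safe(request_line, client_cert_presented):
        # Policy: a client certificate marks a session-bound (login-like) request,
        # and a query string carries user input from a status 10/11 prompt; both
        # may change server state, so neither is safe to act on twice.
        if client_cert_presented:
            return False
        parts = urlsplit(request_line.strip())
        return parts.scheme == "gemini" and not parts.query

    def _expire(self, now):
        # Drop entries older than the window, and the oldest ones when over capacity.
        while self.seen:
            seen_at = next(iter(self.seen.values()))
            if now - seen_at < self.window and len(self.seen) <= self.max_entries:
                break
            self.seen.popitem(last=False)

    def decide(self, client_hello_random, request_line, client_cert_presented, now=None):
        now = time.monotonic() if now is None else now
        self._expire(now)
        hello_id = hashlib.sha256(client_hello_random).digest()
        if hello_id in self.seen:
            return "reject_replay"       # same ClientHello already seen in this window
        self.seen[hello_id] = now
        if not self.request_is_replay_safe(request_line, client_cert_presented):
            return "defer_to_handshake"  # answer only after the full handshake
        return "accept_early"
```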