NTS keys as I understand them
Hal Murray
hmurray at megapathdsl.net
Mon Jan 14 20:45:58 UTC 2019
> It is actually allowed to re-use cookies, specifically if it wants to avoid
> that re-keying. Whether that's a good idea is debatable, but the server
> doesn't know either way and the decision is up to the client.

Right.

I think we should make a "no reuse" decision. We want that option for
no-tracking. We can't just keep reusing the first cookie we get since the
master key will get updated occasionally.

Next time somebody is editing, please add a no-reuse note at the bottom.

> BTW, the number eight is not arbitrary: that is exactly the number of packets
> a burst poll would use.

The normal case is that the client gets back a response before it sends the
next request in the burst, so it only needs 1 cookie to start with.
--
These are my opinions. I hate spam.
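
The cookie arithmetic discussed in this message, as an added example that is not part of the original post or of the NTPsec code: a client-side pool with a strict no-reuse policy, run through an eight-packet burst. The names `CookieJar` and `burst` are hypothetical, the cookie strings are constructed stand-ins, and the model assumes the server returns one fresh cookie per answered request.

```python
import itertools
from collections import deque

# Constructed stand-in for the server: real NTS cookies are opaque blobs
# encrypted under the server's master key; here they are just unique strings.
_fresh = (f"cookie-{n}" for n in itertools.count(100))


class CookieJar:
    """Hypothetical client-side cookie pool that never sends a cookie twice."""

    def __init__(self, cookies=(), capacity=8):
        self.capacity = capacity
        self._pool = deque(list(cookies)[:capacity])
        self._spent = set()

    def __len__(self):
        return len(self._pool)

    def take(self):
        """Remove and return the oldest cookie; it can never be used again."""
        if not self._pool:
            raise LookupError("no unused cookie left; NTS-KE must be rerun")
        cookie = self._pool.popleft()
        self._spent.add(cookie)
        return cookie

    def add(self, cookie):
        """Store a cookie from a response unless it was already spent."""
        if cookie not in self._spent and len(self._pool) < self.capacity:
            self._pool.append(cookie)


def burst(jar, packets=8, lost=frozenset()):
    """Send up to `packets` requests in lockstep; indexes in `lost` get no reply.

    Returns the cookies actually sent, stopping early if the jar runs dry.
    """
    sent = []
    for i in range(packets):
        try:
            sent.append(jar.take())
        except LookupError:
            break
        if i not in lost:
            jar.add(next(_fresh))  # assumed: one new cookie per answered request
    return sent


if __name__ == "__main__":
    print(len(burst(CookieJar(["ke-0"]))))               # no loss
    print(len(burst(CookieJar(["ke-0"]), lost={2})))     # one reply lost
```

With a single starting cookie the burst completes only while every reply arrives; a full pool of eight is what lets the burst finish without reuse when replies are lost.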