security.tls.enable_0rtt_data

suffix

security.tls.enable_0rtt_data

Unread post by suffix » 2019-01-18, 07:11

In Pale Moon 28.3.0, security.tls.enable_0rtt_data is false by default.

In Firefox 64.0.2, security.tls.enable_0rtt_data is true by default.

Why block a very useful option that significantly reduces the time for repeated SSL approvals?

Potkeny

Re: security.tls.enable_0rtt_data

Unread post by Potkeny » 2019-01-18, 07:40

I think Moonchild's answer in this thread is relevant? viewtopic.php?f=26&t=20881

Unless I'm so confused about the topic that I misunderstood it a lot, which is a possibility.

suffix

Re: security.tls.enable_0rtt_data

Unread post by suffix » 2019-01-18, 08:17

Potkeny wrote: I think Moonchild's answer in this thread is relevant? viewtopic.php?f=26&t=20881
Thank you very much - I wrote the answer in the topic that you specified.

Although there is no talk of Pale Moon there.

I am duplicating my answer here too:
Moonchild wrote: 0-RTT with TLS 1.3 is trickier and has a replay attack risk. All 0-RTT solutions require sending key material and encrypted data from the client without waiting for any feedback from the server, meaning a bad actor can intercept and replay the connection. This is a significant risk and the reason why it is disabled in Pale Moon.
1.

When I implemented 0-RTT on my website, I took this into account in the nginx settings:

"To protect against such attacks at the application layer, the $ssl_early_data variable should be used.

proxy_set_header Early-Data $ssl_early_data;"

And I think that most webmasters also follow this advice.

2.

In Firefox 64.0.2, security.tls.enable_0rtt_data is true by default.

I think the danger is somewhat exaggerated once Firefox defaults to true.

3.

I find 0-RTT with TLS 1.3 a useful function.

Even the best verification service has begun to check for its presence:

https://www.htbridge.com/ssl/?id=mr7ExbBc -- Server's TLSv1.3 Early Data (RFC 8446, page 17) is properly implemented
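The nginx line quoted above only forwards the fact that a request arrived in 0-RTT early data; the backend application still has to act on it. The following is an added example (not code from this thread, from nginx, or from Pale Moon) of that application-layer check: it assumes the proxy forwards an "Early-Data: 1" header exactly as the quoted proxy_set_header line does, and it answers non-safe early-data requests with 425 Too Early (RFC 8470) so that a replayed copy can never perform a state change.

```python
# Added example: application-layer guard for TLS 1.3 0-RTT early data.
# Assumption: a reverse proxy (e.g. nginx with the quoted proxy_set_header line)
# forwards "Early-Data: 1" when the request was received in early data; nginx's
# $ssl_early_data is "1" in that case and empty otherwise.
from typing import Mapping

# Methods that are safe to replay (the RFC 7231 safe methods). Anything else
# arriving in early data could be a replayed, state-changing request.
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS", "TRACE"})


def is_early_data(headers: Mapping[str, str]) -> bool:
    """True when the proxy marked the request as received in 0-RTT early data."""
    value = ""
    for name, v in headers.items():
        if name.lower() == "early-data":  # header names are case-insensitive
            value = v.strip()
    return value == "1"


def early_data_decision(method: str, headers: Mapping[str, str]) -> tuple:
    """Return (status, reason) for the request.

    A non-safe request carried in early data gets 425 Too Early (RFC 8470),
    which tells the client to retry after the handshake has completed.
    """
    if is_early_data(headers) and method.upper() not in SAFE_METHODS:
        return 425, "Too Early"
    return 200, "OK"


def wsgi_app(environ, start_response):
    """Minimal WSGI app applying the guard (WSGI exposes headers as HTTP_*)."""
    headers = {k[5:].replace("_", "-"): v
               for k, v in environ.items() if k.startswith("HTTP_")}
    status, reason = early_data_decision(environ.get("REQUEST_METHOD", "GET"), headers)
    body = reason.encode()
    start_response(f"{status} {reason}", [("Content-Type", "text/plain"),
                                          ("Content-Length", str(len(body)))])
    return [body]


if __name__ == "__main__":
    # Constructed sample requests, as the proxy would forward them.
    print(early_data_decision("GET", {"Early-Data": "1"}))   # (200, 'OK')
    print(early_data_decision("POST", {"Early-Data": "1"}))  # (425, 'Too Early')
    print(early_data_decision("POST", {}))                   # (200, 'OK')
```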
