[gnutls-devel] GnuTLS | add support for 0-RTT (!775)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Oct 29 13:51:20 CET 2018


Nikos Mavrogiannopoulos started a new discussion on lib/includes/gnutls/gnutls.h.in:

>  
>  void gnutls_supplemental_send(gnutls_session_t session, unsigned do_send_supplemental);
>  
> +/* Anti-replay related functions */
> +
> +typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t;
> +
> +typedef int (*gnutls_anti_replay_add_func) (void *, const gnutls_datum_t *key);
> +typedef unsigned (*gnutls_anti_replay_check_func) (void *, const gnutls_datum_t *key);
> +typedef void(*gnutls_anti_replay_clear_func) (void *);
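
Review bot: the separate `gnutls_anti_replay_check_func` and `gnutls_anti_replay_add_func` typedefs make the replay test a two-step check-then-add, so two connections presenting the same key at the same time can both pass the check before either entry is stored. A single callback that atomically adds the key and reports whether it was already present would close that window; otherwise the header should document how the pair is expected to be serialized. The comment above the typedefs should also state the return conventions (what the `int` from add and a nonzero `unsigned` from check mean) and name the first `void *` parameter. Minor style: `typedef void(*gnutls_anti_replay_clear_func)` lacks the space after the return type that the two typedefs above it have.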

This introduces a new set of database functions that should be set by servers supporting 0-RTT. Why not re-use the existing `gnutls_db` subsystem to store such entries? From the app developer's perspective there will be minimal changes to an existing server application. What do you think is the main benefit from this new API?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/775#note_112778620