Open kriskwiatkowski opened 6 years ago
@henrydcase Doesn't tris already accept early data from clients, or is the implementation yet incomplete?
The server does accept it if configured through tls.Config, see _dev/tris-localserver/server.go for tests.
There is no client support for 0-RTT though.
Alright, I see. If I were now to build the caddy webserver with tls-tris, and therefore 0-RTT support, would this be successful?
I mean, can I build golang 1.12 or newer with tris, and if yes, would caddy be able to use the 0-RTT feature?
EDIT: I can build caddy with tris successfully. Since I'm not really into Go programming, would a few of you be able to guide me on how to integrate 0-RTT early data into the caddy webserver?
I would really like caddy to benefit from 0-RTT, because of the huge TTFB benefits.
Thank you so much!
Adding 0-RTT has security implications; for example, it is not safe against replay attacks unless the server has additional protection mechanisms.
Adding support to something like caddy is probably not a quick task, volunteers are welcome to suggest some changes :)
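The "additional protection mechanisms" mentioned above, as an added example that is not tls-tris or Caddy code: a single-use ClientHello record in the spirit of RFC 8446 §8.2, plus an RFC 8470 gate that answers 425 Too Early to non-safe requests that arrived in early data. It assumes the TLS layer (or a terminating proxy) hands the raw ClientHello bytes to Accept and flags early-data requests with an `Early-Data: 1` header, and that Window is at least the ticket age the server tolerates, so anything older is already refused by the age check.

```go
package main
import (
	"crypto/sha256"
	"net/http"
	"sync"
	"time"
)

// Constructed example, not tls-tris or Caddy code (RFC 8446 §8.2, RFC 8470).

// ReplayFilter rejects a ClientHello already seen within Window: a replayed
// 0-RTT flight repeats the ClientHello byte for byte, so its digest is a key.
type ReplayFilter struct {
	Window time.Duration
	mu     sync.Mutex
	seen   map[[32]byte]time.Time
}

// Accept reports whether clientHello is fresh and records it if so.
func (f *ReplayFilter) Accept(clientHello []byte, now time.Time) bool {
	f.mu.Lock()
	defer f.mu.Unlock()
	if f.seen == nil {
		f.seen = map[[32]byte]time.Time{}
	}
	for k, t := range f.seen { // expire entries outside the replay window
		if now.Sub(t) > f.Window {
			delete(f.seen, k)
		}
	}
	k := sha256.Sum256(clientHello)
	if _, dup := f.seen[k]; dup {
		return false
	}
	f.seen[k] = now
	return true
}

// EarlyDataGate serves only safe methods for requests flagged "Early-Data: 1";
// anything else gets 425 Too Early so the client retries after the handshake.
func EarlyDataGate(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Early-Data") == "1" && r.Method != http.MethodGet && r.Method != http.MethodHead {
			http.Error(w, "retry after handshake", http.StatusTooEarly)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() { http.ListenAndServe(":8080", EarlyDataGate(http.NotFoundHandler())) }
```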
@Henrocker Any success with caddy client support?
@Lekensteyn Understanding the security implications, have you seen any implementations of golang client-side supporting 0-RTT? We've implemented on our server-side and tested with a rust client using https://github.com/ctz/rustls and achieved 1-RTT so far; with 60% reduction in average response time, but are now trying to update our golang client side...
Didn't invest more time into this. I'm patiently waiting for h3-23 in Caddy v2.
@MikeSchroll I am not aware of a Go implementation of TLS with support for early data. The TLS implementation used by quic-go (which is used by Caddy for HTTP/3 support) also does not support 0-RTT from what I can see (https://github.com/marten-seemann/qtls).
Before adding a client implementation, I would probably start with a survey of APIs for 0-RTT support in other languages and their usage by client applications. Maybe someone even wrote an I-D/RFC about 0-RTT profiles/usage.
It was reported that support for 0-RTT has an interoperability issue (tested against OpenSSL and Haskell TLS). We do have tests for 0-RTT, but they may not cover the functionality completely. To be investigated first and fixed.