Even faster connection establishment with QUIC 0-RTT resumption
The latest revision of the TLS protocol, TLS 1.3, introduced "zero roundtrip time connection resumption" (0-RTT), which allows clients to start sending application data without waiting for the TLS handshake to complete, reducing latency. QUIC goes a step further by allowing clients to send application data in the first roundtrip of the connection. However, 0-RTT connection resumption comes with risks such as lack of forward secrecy and potential replay attacks on non-idempotent requests. Cloudflare supports 0-RTT resumption for QUIC and offers a toggle to control whether it is enabled or not in the Cloudflare dashboard.
Company
Cloudflare
Date published
Nov. 20, 2019
Author(s)
Alessandro Ghedini
Word count
944
Language
English
Hacker News points
None found.