wget2 | TLS 1.3 (0-RTT) early data on resumed sessions (#678)

[Vibhav Tiwari (@vibhav950)]

Vibhav Tiwari created an issue: https://gitlab.com/gnuwget/wget2/-/issues/678



Hello folks

I'm interested in adding TLS 1.3 early data support to wget2. From my rather 
shallow inspection of the source code, I noticed that wget2 allows for 
persistent storage of TLS 1.3 session tickets to the disk, allowing for session 
resumption on successive calls to the `wget2` command.

Implementing early data would require a change in the sequence in which data is 
sent over a TLS connection. As a rudimentary design, given that the user is 
resuming connection with a server with early data enabled, the TLS handshake 
needs to be delayed until the required amount of early data has been sent, 
following which the handshake can be initiated. After the handshake, the client 
can continue sending application data normally.

Quoting RFC 8443, early data shaves off the RTT delay on a resumed TLS 1.3 
connection at the expense of having weaker security properties than those for 
other kinds of TLS data. That being said, I believe wget2 would benefit from a 
`--tls-early-data` flag to allow the user to enable 0-RTT data for a transfer.

Thanks

-- 
Reply to this email directly or view it on GitLab: 
https://gitlab.com/gnuwget/wget2/-/issues/678
You're receiving this email because of your account on gitlab.com.