Skip to content

TLS 1.3 early data / 0-RTT #2912

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 9, 2025
Merged

TLS 1.3 early data / 0-RTT #2912

merged 4 commits into from
Oct 9, 2025

Conversation

@drwetter
Copy link
Collaborator

@drwetter drwetter commented Oct 6, 2025
edited
Loading

This PR implements a check for TLS early data. It needs a compatible OpenSSL or LibreSSL version. For modern OS versions it should automagically pick the right, modern binary for the check.

Mitigations like Defer processing or HTTP 425 are not yet tested.

To clarify is

To be in line with other HAS2_* global vars (HAS2_QUIC, HAS2_UDS), the following vars were renamed from their OPENSSL2_HAS_* counter parts:

  • HAS2_TLS13
  • HAS2_CHACHA20
  • HAS2_AES128_GCM
  • HAS2_AES256_GCM

This fixes #1186.

What is your pull request about?

  • Bug fix
  • Improvement
  • New feature (adds functionality)
  • Breaking change (bug fix, feature or improvement that would cause existing functionality to not work as expected)
  • Typo fix
  • Documentation update
  • Update of other files

If it's a code change please check the boxes which are applicable

  • For the main program: My edits contain no tabs, indentation is five spaces and any line endings do not contain any blank chars
  • I've read CONTRIBUTING.md and Coding_Convention.md
  • I have tested this fix or improvement against >=2 hosts and I couldn't spot a problem
  • I have tested this new feature against >=2 hosts which show this feature and >=2 host which does not (in order to avoid side effects) . I couldn't spot a problem
  • For the new feature I have made corresponding changes to the documentation and / or to help()
  • If it's a bigger change: I added myself to CREDITS.md (alphabetical order) and the change to CHANGELOG.md

@drwetter
TLS 1.3 early data / 0-RTT
e0401b6 
This PR implements a check for TLS early data. It needs a compatible OpenSSL or
LibreSSL version. For modern OS versionis it should automagically pick the right,
modern binary for the check.

Mitigations like Defer processing or HTTP 425 are not yet tested.

To clarify is
* whether to penalize SSLlabs rating (@magnuslarsen). testssl.net has it
   enabled but the Web UI claims it's not a/v, see
  https://www.ssllabs.com/ssltest/analyze.html?d=testssl.net&s=172.67.205.231&hideResults=on&latest
* Man pages

To be in line with other HAS2_* global vars (HAS2_QUIC, HAS2_UDS), the following
vars were renamed from their OPENSSL2_HAS_* counter parts:

- HAS2_TLS13
- HAS2_CHACHA20=false
- HAS2_AES128_GCM=false
- HAS2_AES256_GCM=false
@magnuslarsen
Copy link
Contributor

whether to penalize SSLlabs rating

The rating guide does not specify anything about 0-RTT

A random selection of recent A+ scans all have 0-RTT disabled, so I think it is safe to assume it doesn't affect rating (yet anyway)

@drwetter
Copy link
Collaborator Author

drwetter commented Oct 7, 2025
edited
Loading

@magnuslarsen : thanks for the clarification!

google.com (in my region) and cloudflare (testssl.net) have 0-RTT enabled, as the second openssl command clearly shows. The check @ SSLlabs is not correct . I haven't seen a host yet where that is correct.

@drwetter
Add 0-RTT
d637dae
@drwetter
Add 0-RTT
da7c713 
also:
* fine tuning protocol section
* reference RFC 8470 (well..) and FIPS 203
* add a general linkto TLS related  RFCs
@drwetter
Merge branch '3.3dev' into early_data
aacde5d
@drwetter drwetter merged commit 80d05c0 into 3.3dev Oct 9, 2025
4 checks passed
@drwetter drwetter deleted the early_data branch October 9, 2025 16:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Early Data(0-RTT) support?

3 participants

@drwetter @magnuslarsen