Interesting ... I wondered about the reasoning of multiple serverhellos. Is the argument that multiple clienthellos are alright since that amounts to lower overhead than multiple serverhellos (if the expected response is HelloVerifyRequest, then the overhead might be similar)? But that seems to optimize for the forking use case and ignores other use cases.
Why is the ClientHello going out-of-band a problem?

As to why to do this: it seems to allow the use case I was talking about and Dan was making a case for it too earlier today.
regards,
Lakshminath

On 6/12/2007 12:46 PM, Eric Rescorla wrote:
> At Tue, 12 Jun 2007 12:39:47 -0700,
> Lakshminath Dondeti wrote:
>> Right. So, why not do it?
>
> Because it involves a number of changes in the DTLS model (having one message happen out of band, having one clienthello elicit multiple serverhellos, etc.) and nobody has described a compelling reason to do this.
>
> -Ekr
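The overhead comparison above hinges on what a HelloVerifyRequest actually costs: in standard DTLS (RFC 4347 section 4.2.1) the stateless cookie exchange already makes the client send its ClientHello twice, once bare and once echoing the server's cookie. The following is an added example, not code from this thread or from any DTLS implementation; it models that exchange with simplified dict "messages" rather than real DTLS records, and the cookie construction (HMAC over client address and ClientHello.random) and the server key name are assumptions chosen to illustrate the mechanism.

```python
import hashlib
import hmac
import os

# Constructed example: stateless DTLS-style cookie exchange modelled on
# RFC 4347 section 4.2.1. Messages are plain dicts, not real DTLS records.
# SERVER_SECRET is an assumed server-side cookie key.
SERVER_SECRET = os.urandom(32)


def make_cookie(secret: bytes, client_addr: str, client_random: bytes) -> bytes:
    """Cookie = HMAC(secret, client address || ClientHello.random).

    Binding the cookie to the address and the hello lets the server keep no
    per-client state until the client has proved it can receive at that address.
    """
    return hmac.new(secret, client_addr.encode() + client_random, hashlib.sha256).digest()


def server_handle(secret: bytes, client_addr: str, client_hello: dict) -> dict:
    """Stateless server: answer HelloVerifyRequest until a valid cookie arrives,
    then answer ServerHello."""
    expected = make_cookie(secret, client_addr, client_hello["random"])
    cookie = client_hello.get("cookie", b"")
    if not cookie or not hmac.compare_digest(cookie, expected):
        return {"type": "HelloVerifyRequest", "cookie": expected}
    return {"type": "ServerHello", "random": os.urandom(32)}


def client_handshake(secret: bytes, client_addr: str) -> list:
    """Drive the client side and return the ordered transcript of messages
    sent by both sides (sender, message)."""
    transcript = []
    client_random = os.urandom(32)
    hello = {"type": "ClientHello", "random": client_random, "cookie": b""}
    transcript.append(("client", hello))
    reply = server_handle(secret, client_addr, hello)
    transcript.append(("server", reply))
    if reply["type"] == "HelloVerifyRequest":
        # Second ClientHello: same random, now echoing the server's cookie.
        hello_with_cookie = dict(hello, cookie=reply["cookie"])
        transcript.append(("client", hello_with_cookie))
        reply = server_handle(secret, client_addr, hello_with_cookie)
        transcript.append(("server", reply))
    return transcript


def count_by_type(transcript: list) -> dict:
    """Tally message types so the handshake overhead can be compared."""
    counts = {}
    for _, msg in transcript:
        counts[msg["type"]] = counts.get(msg["type"], 0) + 1
    return counts


if __name__ == "__main__":
    for sender, msg in client_handshake(SERVER_SECRET, "192.0.2.10:5000"):
        print(sender, msg["type"])
    print(count_by_type(client_handshake(SERVER_SECRET, "192.0.2.10:5000")))
```

Running it shows the four-message pattern (ClientHello, HelloVerifyRequest, ClientHello, ServerHello) that a cookie-enabled server produces today, which is the baseline any "one ClientHello, several ServerHellos" proposal would have to be weighed against; the test also checks that a forged cookie or one replayed from a different address is rejected.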