SSL: Accepting early data in TLSv1.3

Maxim Dounin mdounin at
Tue Jul 11 18:33:24 UTC 2017


On Tue, Jul 11, 2017 at 11:00:50AM -0700, Utkarsh Tewari wrote:

> Hello,
> I am using OpenSSL s_client to send early data during resumption over a
> TLS1.3 connection. However, the server rejects it as shown below.
> Reused, TLSv1.3, Cipher is TLS13-AES-128-GCM-SHA256
> Server public key is 2048 bit
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> *Early data was rejected*
> SSL-Session:
>     Protocol  : TLSv1.3
>     Cipher    : TLS13-AES-128-GCM-SHA256
> Is there any way to accept early data on the server?

No.  As of now, early data is not supported by nginx.

Note well that early data requires special handling and using it 
implies different security guarantees from the protocol - notably, 
there is no replay protection.  If/when supported, early data will 
not be enabled by default, but instead will require an explicit 
configuration option to enable it.

Maxim Dounin
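
Added example, not part of the message above and not nginx code: a small Python model of the replay concern, comparing a handler that treats early data like ordinary data with one that defers state-changing requests. The `early` flag, the handlers and the `/debit` endpoint are hypothetical; 425 (Too Early) is the status RFC 8470 defines for this case.

```python
# Added illustration; every name here is hypothetical. The TLS layer is
# modelled by an "early" flag that a TLS terminator would attach per request.
from dataclasses import dataclass

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # side-effect free by HTTP semantics
TOO_EARLY = 425                            # "Too Early" status from RFC 8470


@dataclass(frozen=True)
class Request:
    method: str
    path: str
    early: bool  # True if the bytes arrived as TLS 1.3 early data


@dataclass
class Account:
    balance: int = 100

    def apply(self, req):
        """Execute the request; POST /debit changes state."""
        if req.method == "POST" and req.path == "/debit":
            self.balance -= 10
        return 200


def naive_handler(acct, req):
    # Treats early data exactly like post-handshake application data.
    return acct.apply(req)


def guarded_handler(acct, req):
    # An early-data request may be a replayed copy, so only side-effect-free
    # methods are served from it; the client must retry anything else later.
    if req.early and req.method not in SAFE_METHODS:
        return TOO_EARLY
    return acct.apply(req)


def deliver(handler, requests):
    """Feed requests to a fresh account; return (statuses, final balance)."""
    acct = Account()
    return [handler(acct, r) for r in requests], acct.balance


# Constructed sample: one early-data POST delivered twice (the copies are
# byte-identical), then the same request retried after the handshake.
DEBIT = Request("POST", "/debit", early=True)
RETRY = Request("POST", "/debit", early=False)
```

With the naive handler the duplicated early-data request is applied twice; with the guarded handler it is refused both times and applied once when retried after the handshake.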

More information about the nginx-devel mailing list