On 23/03/2020 11:09, Angus Robertson - Magenta Systems Ltd wrote: > My public web servers shows several handshake failures daily due to > 'TLSv1.3 early data', sometimes after a previous successful TLSv1.3 > connection, but not always. Do you have specific error messages? > > I'm not currently attempting to handle any early data, I thought it was > disabled by default. It is. You don't need to do anything to disable early data. > Maybe these errors are the result of bad client implementations and I > should just ignore them. Possibly - but it would be good to see error messages. Matt > > Like all public servers, there are thousands of hacking attempts daily, > and other silly accesses, like why would anyone want to negotiate > protocol 0x0103 while also sending the EC Group extension? > > Angus >
