After reading your draft and rethinking the main issues, I would like to
raise one issue about ticket location:
there are two problems with sending tickets with all the information to the

If the session resumption solution is deployed in a mobile network,
it will consume a lot of air-interface cost to request/present/update
the ticket. As mobile operators, we prefer not to do that.

As discussed on the list, the packet to send the ticket may be
fragmented. When session resumption happens, a large number of
clients may try to present the ticket at the same time. In this case, a
bunch of fragmented IP packets will be sent to the gateway. Some
equipment (such as mobile network GWs, firewalls, etc.) between clients
and gateway may be overloaded handling the IP fragments. And some
equipment may treat it as a DoS attack and simply drop all the
fragmented packets. The most important issue: the wireless base station
will be chunked and die.

Thanks for your consideration. Under this consideration, we would like to
recommend the solution which could store the ticket information purely on
the network side.
Thanks for your consideration.