It’s fine to use SSL interchangeably with TLS IMO. It’s still called OpenSSL.

I suppose, but it's not really that big of an effort to just use the correct term for the correct version of the technology.

The certs are generally called SSL certs, not tls certs, too.

> AWS Certificate Manager - Provision and manage SSL/TLS certificates with AWS services and connected resources

Both, I guess.

By chuck away I mean all those processor cycles to perform cryptographic verification... And then throw away the result because you have to do it on the next connect anyways

And I have written a library that does the full SSL handshake/upgrade cycle off of tcp sockets, and managed my own private CA, so I'm not a total idiot.

How is that different than all the other CSR SPAs that do a REST call on every button press as well? They do almost the same amount of work, and will also “throw away” the results.

It's not, but there are server side options (topic of op) where it's a websocket. I believe HTMx supports ws too, but gp was only talking about RESTful round-trips

Isn’t that mitigated with TLS session resumption and TLS 1.3’s 0-RTT?