DOC: ssl: Document the restrictions on 0RTT.

Document that with QUIC, 0RTT only works with OpenSSL >= 3.5.2 and
AWS-LC, and for TLS/TCP, it only works with OpenSSL, and frontends
require that an ALPN be sent by the client to use the early data before
the handshake.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 8cf61ee6de5101be25fcf17eefaa5e43415aa6ae..422eaf6be4aab5a53869efbcc73717746402ee00 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -16513,6 +16513,10 @@ allow-0rtt
   you should only allow if for requests that are safe to replay, i.e. requests
   that are idempotent. You can use the "wait-for-handshake" action for any
   request that wouldn't be safe with early data.
+  With QUIC, 0rtt is supported with OpenSSL >= 3.5.2 and AWS-LC. With TCP/TLS,
+  0rtt is only supported with OpenSSL, and requires that the client sends an
+  ALPN, otherwise the early data won't be considered before the handshake
+  happens.
 
 alpn <protocols>
   This enables the TLS ALPN extension and advertises the specified protocol
@@ -17741,6 +17745,8 @@ allow-0rtt
   Allow sending early data to the server when using TLS 1.3.
   Note that early data will be sent only if the client used early data, or
   if the backend uses "retry-on" with the "0rtt-rejected" keyword.
+  With QUIC, 0rtt is supported with OpenSSL >= 3.5.2 and AWS-LC. With TCP/TLS,
+  0rtt is only supported with OpenSSL.
 
 alpn <protocols>
   May be used in the following contexts: tcp, http