[openssl-users] Possible bug in 1.1.1-pre8 with NSTs and PSK in initial ClientHello handshake

2018-08-13 Thread Henderson, Karl via openssl-users
According to RFC8446, Section C.4 “Servers SHOULD issue new tickets with every connection”. Yet, in file ssl/statem/extensions_srvr.c, method tls_parse_ctos_psk, s->ext.ticket_expected = 0, preventing the NST from being sent. This appears to be a bug – or am I missing something? Thanks, Karl

Re: [openssl-users] RFC5077 KWK

2018-04-05 Thread Henderson, Karl via openssl-users
Thanks On 4/5/18, 2:35 PM, "openssl-users on behalf of Viktor Dukhovni" wrote: > On Apr 5, 2018, at 2:29 PM, Henderson, Karl via openssl-users wrote: > >> TLS 1.3 unifies session tickets with (external) PSKs, perhaps you should recast your app

Re: [openssl-users] RFC5077 KWK

2018-04-05 Thread Henderson, Karl via openssl-users
i" wrote: > On Apr 5, 2018, at 2:02 PM, Henderson, Karl via openssl-users wrote: > > Is it possible to use 5077 with a key wrapping key in a Needham-Schroeder scenario: > > • A is a Key Server > • C is say a web server > • A has a relation

[openssl-users] RFC5077 KWK

2018-04-05 Thread Henderson, Karl via openssl-users
Is it possible to use 5077 with a key wrapping key in a Needham-Schroeder scenario:
* A is a Key Server
* C is say a web server
* A has a relationship with C and hence A has key KEYac
* B wants to talk to C but doesn’t have a relationship with C
* B has a relationship with A

Re: [openssl-users] SSL_CTX_set_tlsext_ticket_key_cb - creating a valid ctx and hmac ctx in callback.

2018-04-04 Thread Henderson, Karl via openssl-users
Thanks for the response - yes, I do understand I'm re-purposing this mechanism in a creative way. At this time, it's just for experimental purposes. On 4/3/18, 5:34 PM, "Viktor Dukhovni" wrote: > On Apr 3, 2018, at 11:00 AM, Henderson, Karl vi

[openssl-users] SSL_CTX_set_tlsext_ticket_key_cb - creating a valid ctx and hmac ctx in callback.

2018-04-03 Thread Henderson, Karl via openssl-users
I know there may be a million reasons people can tell me not to do this, but for some demo code, I need to have a client contact a server with an RFC5077 ticket (not one previously sent from the server) with a proprietary payload in the IV. I’d like to use the key_name in the ticket to get a key.

Re: [openssl-users] RFC5077 ticket construction help

2018-03-28 Thread Henderson, Karl via openssl-users
In this use case, I may want to have yet another client D that wants to talk to B using the same session ticket. This way, B doesn't need to keep a cert per client. This may pose some security risks but at this point, I'm just trying to make it work. On 3/28/18, 1:50 PM, "Viktor Dukhovni" wro

Re: [openssl-users] RFC5077 ticket construction help

2018-03-28 Thread Henderson, Karl via openssl-users
p Since there exists a reference implementation, and the source code is available, why not start there? The symmetric key protocol is the basis of Kerberos. - M On Wed, Mar 28, 2018 at 9:26 AM, Henderson, Karl via openssl-users wrote: Need some help with RFC5077 ticket const

[openssl-users] RFC5077 ticket construction help

2018-03-28 Thread Henderson, Karl via openssl-users
Need some help with RFC5077 ticket construction. I’d like to implement a type of Needham-Schroeder protocol where:
A wants to talk to B
A and B have a relationship with C
C constructs an RFC5077 ticket and gives it to A so that A can contact B
Are there any good examples of how to do this?