Re: [TLS] draft-rescorla-tls-subcerts

2016-07-16 Thread Ilari Liusvaara
On Fri, Jul 15, 2016 at 05:34:40PM +, Andrei Popov wrote:
> > The I-D actually covers this.
> Understood; the I-D lists a few cons, but arguably none of them are
> blocking issues. It seems unnecessary to create a new TLS-specific
> mechanism that duplicates existing PKI semantics. IMO, the dr

Re: [TLS] Why is resumption_context hashed?

2016-07-16 Thread Hugo Krawczyk
Here are some (second) thoughts on the derivation of resumption_context. The purpose of this value is to bind the resumed session to the data in the original connection, namely, to "ClientHello...Client Finished" (and, in particular, to the server's identity). The right way to do this binding i