Good afternoon all,
The RFC 8446 mentions key schedule, resumption_master_secret and new session
ticket and I am not quite sure if I understand the session resumption
behavior correctly.
My understanding is that both the client and server calculate all the
secrets of the key schedule theref
On Sun, May 05, 2019 at 01:11:27PM +0200, geyer.lu...@gmail.com wrote:
> Good afternoon all,
>
>
> The RFC 8446 mentions key schedule, resumption_master_secret and new session
> ticket and I am not quite sure if I understand the session resumption
> behavior correctly.
>
>
> My understanding is
The following errata report has been submitted for RFC8448,
"Example Handshake Traces for TLS 1.3".
--
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5720
--
Type: Technical
Reported by: Martin Th
Thanks for noticing that Tobias. I've opened an erratum, but am still waiting
for the RFC editor's email confirming it. I'll pass that along when that comes
through.
(This is the result of a bug in NSS, so in case you are interested:
https://bugzilla.mozilla.org/show_bug.cgi?id=1549225)
On S
I guess we want Hold For Document Update?
-Ben
On Sun, May 05, 2019 at 03:36:20PM -0700, RFC Errata System wrote:
> The following errata report has been submitted for RFC8448,
> "Example Handshake Traces for TLS 1.3".
>
> --
> You may review the report below a
Ilari answered your question, but this jumped out:
On Sun, May 5, 2019, at 21:11, geyer.lu...@gmail.com wrote:
> [...] both sides calculate,
> PSK = [...]
> and the server sends back to the client the PSK (unencrypted [...])
The PSK never gets sent. As you say, both sides can calculate the s
That would work for me.
On Mon, May 6, 2019 at 9:12 AM Benjamin Kaduk wrote:
>
> I guess we want Hold For Document Update?
>
> -Ben
>
> On Sun, May 05, 2019 at 03:36:20PM -0700, RFC Errata System wrote:
> > The following errata report has been submitted for RFC8448,
> > "Example Handshake Traces
On Sat, May 4, 2019, at 23:01, Kathleen Moriarty wrote:
> WG decision is appreciated on this point and proposed text for RFC 7525.
>
> Proposed: When using RSA, servers SHOULD authenticate using
> certificates with
> at least a 2048-bit modulus for the public key. In addition, the use
>