On Mon, Aug 17, 2015 at 9:20 AM, Simon Bernard <cont...@simonbernard.eu> wrote:
> I reread this paragraph and it's still not clear what you meant by
> connection at transport layer for UDP.
>
> I well understand that if a server receives a ClientHello with epoch=0,
> this means that a new handshake should be done.
>
> But I still don't know what happens in a ResumeHandshake use case.
>
> In fact, my use case is a client behind a NAT which communicates
> periodically. At each period, its IP/port could change (because of NAT),
> so we would like to resume the handshake each time.
> 1) Does it make sense?
> 2) If yes, should we do the resume handshake with epoch = 0 or continue
> with the previous epoch?
>

Resumption isn't relevant here. If you are renegotiating (i.e., the
ClientHello will be encrypted under a previous cipher suite) then you
have epoch > 0. Otherwise, epoch = 0.

-Ekr

>
> On 17/08/2015 16:24, Eric Rescorla wrote:
>
> Please see RFC 6347 S 4.2.8
>
> -Ekr
>
>
> On Mon, Aug 17, 2015 at 7:20 AM, Simon Bernard <cont...@simonbernard.eu>
> wrote:
>
>> I'm sorry to insist, but what did you mean by transport level connection?
>> For me UDP was a connectionless protocol.
>>
>> Simon
>>
>>
>> On 31/07/2015 18:53, Eric Rescorla wrote:
>>
>> On Fri, Jul 31, 2015 at 6:52 PM, Simon Bernard <cont...@simonbernard.eu>
>> wrote:
>>
>>> Thx.
>>> What did you mean by connection?
>>>
>>
>> transport level connection.
>>
>>
>>> A resume handshake is a new connection?
>>
>>
>> You can also resume when you renegotiate.
>>
>> -Ekr
>>
>>
>>> On 31/07/2015 16:54, Eric Rescorla wrote:
>>>
>>>> The epoch is set to 0 at the start of each connection and then
>>>> incremented with each handshake on that connection.
>>>>
>>>> -Ekr
>>>>
>>>> On Fri, Jul 31, 2015 at 4:41 PM, Simon Bernard
>>>> <cont...@simonbernard.eu> wrote:
>>>>
>>>>     Hi,
>>>>
>>>>     I searched in DTLS RFC 6347 whether the epoch should be (re)set
>>>>     to 0 when we start a resume handshake, or if we keep the last
>>>>     used value, or the last used value+1? I cannot find any clue
>>>>     about that in the spec.
>>>>     Any idea?
>>>>
>>>>     Thx
>>>>     Simon
>>>>
>>>>     _______________________________________________
>>>>     TLS mailing list
>>>>     TLS@ietf.org
>>>>     https://www.ietf.org/mailman/listinfo/tls
>>>>
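The epoch rule stated in the reply above (epoch = 0 for a ClientHello sent in the clear, epoch > 0 for one protected under a previous cipher suite), as an added example that is not part of the thread: a parser for the 13-byte DTLS 1.2 record header of RFC 6347 that classifies a handshake record by its epoch. The function names, return labels and the `build` helper for sample datagrams are constructed for illustration.

```python
import struct
from typing import NamedTuple

# DTLS 1.2 record header (RFC 6347), 13 bytes:
# type(1) | version(2) | epoch(2) | sequence_number(6) | length(2)
HEADER_LEN = 13
CT_HANDSHAKE = 22
HT_CLIENT_HELLO = 1


class Record(NamedTuple):
    content_type: int
    version: tuple
    epoch: int
    seq: int
    fragment: bytes


def parse_record(datagram: bytes) -> Record:
    """Parse the first DTLS record in a datagram; ValueError if malformed."""
    if len(datagram) < HEADER_LEN:
        raise ValueError("short DTLS record header")
    ctype, major, minor, epoch, seq_hi, seq_lo, length = struct.unpack(
        "!BBBHHIH", datagram[:HEADER_LEN])
    if len(datagram) < HEADER_LEN + length:
        raise ValueError("truncated record")
    seq = (seq_hi << 32) | seq_lo  # 48-bit sequence number
    return Record(ctype, (major, minor), epoch, seq,
                  datagram[HEADER_LEN:HEADER_LEN + length])


def classify(datagram: bytes) -> str:
    rec = parse_record(datagram)
    if rec.content_type != CT_HANDSHAKE:
        return "not-handshake"
    if rec.epoch == 0:
        # Epoch 0 is unprotected, so the handshake type byte is readable.
        if rec.fragment[:1] == bytes([HT_CLIENT_HELLO]):
            return "clienthello-epoch0"
        return "handshake-epoch0"
    # Epoch > 0: the fragment is ciphertext under the current cipher
    # suite; a ClientHello carried here can only be a renegotiation.
    return "protected-handshake"


def build(ctype: int, epoch: int, seq: int, fragment: bytes) -> bytes:
    """Constructed sample record (version bytes 254, 253 = DTLS 1.2)."""
    return struct.pack("!BBBHHIH", ctype, 254, 253, epoch,
                       seq >> 32, seq & 0xFFFFFFFF, len(fragment)) + fragment
```
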