While reviewing the latest TLS 1.3 draft (revision 10), the description
in section 6.3.3 uses the following wording:

   When this message will be sent:

      If this message is sent, it MUST be sent immediately after the
      ServerHello message. This is the first message that is encrypted
      under keys derived from ES.

The use of the word "if" implies this is an optional message. However,
Figure 1 in section 6.2 implies the EncryptedExtensions message is not
optional since it's not footnoted with an asterisk. The asterisk
footnote is described as:

   Indicates optional or situation-dependent messages that are not always sent.

Can anyone comment on whether the EncryptedExtensions message is
optional? If it is, should Figure 1 be updated to reflect this? Or,
should the text in section 6.3.3 be updated to indicate this
message is required?

This is an important detail for implementors, since the client-side
state machine will need to know whether to expect the
EncryptedExtensions message after the ServerHello, or to expect another
one of the subsequent messages.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
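
The state-machine consequence raised in the message, as an added example that is not part of the original post or of the draft: a client-side check of the server's first flight under both readings of section 6.3.3. The message names after EncryptedExtensions, their optional flags, and the function names are assumptions made for illustration.

```python
# Added illustration. The message names after EncryptedExtensions and their
# optional flags are assumptions, not taken from the message above.
SERVER_FLIGHT = [
    ("ServerHello", False),
    ("EncryptedExtensions", None),   # None: depends on which reading is right
    ("Certificate", True),
    ("CertificateVerify", True),
    ("Finished", False),
]

class UnexpectedMessage(Exception):
    """A real stack would send a fatal unexpected_message alert here."""

def check_server_flight(received, ee_required):
    """Validate message order; return the optional messages that were skipped."""
    expected = [(name, (not ee_required) if opt is None else opt)
                for name, opt in SERVER_FLIGHT]
    skipped, pos = [], 0
    for msg in received:
        # Step over optional messages until the expected slot matches.
        while pos < len(expected) and expected[pos][0] != msg:
            name, optional = expected[pos]
            if not optional:
                raise UnexpectedMessage(f"got {msg}, expected {name}")
            skipped.append(name)
            pos += 1
        if pos == len(expected):
            raise UnexpectedMessage(f"{msg} after end of flight")
        pos += 1
    # Whatever was never received must have been optional.
    for name, optional in expected[pos:]:
        if not optional:
            raise UnexpectedMessage(f"flight ended before {name}")
        skipped.append(name)
    return skipped

def rejects(received, ee_required):
    """True when the flight is refused under the given reading."""
    try:
        check_server_flight(received, ee_required)
        return False
    except UnexpectedMessage:
        return True

if __name__ == "__main__":
    no_ee = ["ServerHello", "Certificate", "CertificateVerify", "Finished"]  # constructed
    print("optional reading skips:", check_server_flight(no_ee, ee_required=False))
    print("mandatory reading rejects:", rejects(no_ee, ee_required=True))
```

The same constructed flight is accepted under one reading and refused under the other, so two implementations that read the draft differently would fail to interoperate.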