On Monday, December 21, 2015 09:25:44 pm Christian Huitema wrote:
> > I was just going over this text today and realized it's kind of confusing
> > (and the whole "handshake_hash" abstraction is starting to be less useful
> > in light of the PR#316 reframing of the authentication block).
>
> Yes, the "handshake hash" is indeed confusing. Specifying something like "all
> messages up to <some point>" is simple enough. But there are several such
> points, used at different stages. Server Hello, Server certificate verify,
> Server Finished, Client certificate verify, Client finished.. It would be a
> bit more clear to give each of them its own name.

Along this same line, I'd suggest getting rid of "session_hash", at least as-is. Instead, just use "handshake_hash" for everything and specify what's included at each use. "Session hash" is just another term that has to be referenced, when it's just the final state of the handshake hash. The term doesn't really add anything unless every separate stage of the handshake hash was named separately (in which case, "handshake_hash_*" naming might be more clear).

Dave