On Mon, Dec 21, 2015 at 6:33 PM, Dave Garrett <davemgarr...@gmail.com> wrote:
> On Monday, December 21, 2015 09:25:44 pm Christian Huitema wrote:
> > > I was just going over this text today and realized it's kind of confusing
> > > (and the whole "handshake_hash" abstraction is starting to be less useful
> > > in light of the PR#316 reframing of the authentication block).
> >
> > Yes, the "handshake hash" is indeed confusing. Specifying something like
> > "all messages up to <some point>" is simple enough. But there are several
> > such points, used at different stages. Server Hello, Server certificate
> > verify, Server Finished, Client certificate verify, Client finished.. It
> > would be a bit more clear to give each of them its own name.
>
> Along this same line, I'd suggest getting rid of "session_hash", at least
> as-is. Instead, just use "handshake_hash" for everything and specify what's
> included at each use. "Session hash" is just another term that has to be
> referenced, when it's just the final state of the handshake hash.

I tend to agree

> The term doesn't really add anything unless every separate stage of the
> handshake hash was named separately (in which case, "handshake_hash_*"
> naming might be more clear)

Yeah, that might work. I'm putting the final touches on draft-11 and will
see what I can do to clarify this.

Thanks
-Ekr

>
>
> Dave
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls