On Wed, Dec 30, 2015 at 07:23:12PM -0500, Watson Ladd wrote: > On Dec 30, 2015 7:08 PM, "Ilari Liusvaara" <ilariliusva...@welho.com> wrote: > > > > I also think I figured out a way to truly force contributory behaviour > > without any checks: > > > > It is a bit nasty hack: Throw the exchange keys into the PMS, expanding > > it from 32/56 bytes to 96/168 bytes. > > Why not hash the public values into the result of the key exchange? I don't > want security to depend on omittable checks.
What values you think are realistically available at that point, other than the exchange public keys? -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
