On Tue, Mar 15, 2016 at 1:46 PM, Hannes Tschofenig < hannes.tschofe...@gmx.net> wrote:
> Hi Ekr, Hi all, > > I am not entirely sure about the PSK story in TLS 1.3. > > In Section 6.2.3 I read that the PSK approach has been combined with > resumption. > > Appendix A4 lists the defined ciphersuites but there is no PSK-based > ciphersuite in that list. > This is editorial skew. I'll be adding them shortly. Section 6.3.1.2 explains that the ServerHello message handling: > > " > The server will send this message in response to a ClientHello message > when it was able to find an acceptable set of algorithms and the > client’s “key_share” extension was acceptable. If the client proposed > groups are not acceptable by the server, it will respond with a > “handshake_failure” fatal ale > " > > What this text should be saying is that the response from the server > depends on the selected ciphersuite. Implicitly you are saying that in > another part of the document, namely in Section 8.2 "MTI Extensions". > Sorry, I'm not following your question here. Can you say more? -Ekr > Ciao > Hannes > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
