I agree with MT. Hannes, if you want to clean up the text to take into account MT's comments, I will merge
On Sat, Sep 10, 2016 at 3:35 AM, Martin Thomson <martin.thom...@gmail.com> wrote: > On 9 September 2016 at 23:37, Hannes Tschofenig > <hannes.tschofe...@gmx.net> wrote: > > I am wondering why I cannot use Zero-RTT with just PSK-based > authentication > > (without a prior ticket change). > > I think that you would need to bind more things to the key in that > case, but I assume that it would be OK if you did so. You already > need to pair a PSK with a hash, but if you paired it with a whole > cipher suite instead and also the ALPN (which could be null), then I > see no reason not to permit 0-RTT for pure PSK. (I think that cipher > suite + ALPN is sufficient, but someone can correct me if I missed > anything.) > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
