On 4 July 2017 at 01:01, Eric Rescorla <e...@rtfm.com> wrote:
> - Modifying the key derivation for PSKs so that each session ticket
> is associated with a distinct PSK.
Draft-21 says this about the ticket nonce:
opaque ticket_nonce<1..255>;
...
ticket_nonce A unique per-ticket value.
Within what context is "uniqueness" required? I am assuming that
uniqueness within the context of a single TLS connection is all that
is needed?
The nonce can be anything between 1 and 255 bytes long. There is no
guidance on a suitable length, so I am assuming I can choose anything
I like as long as the uniqueness constraint is met. OpenSSL
(currently) only ever issues a single ticket per TLS connection so is
a single 0 byte sufficient?
Thanks
Matt
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
