Re: [TLS] draft-ietf-tls-tls13-21 posted

山本和彦 Wed, 05 Jul 2017 19:20:19 -0700

>> I think that would be best.  With the change to the transcript hash,
>> the context would then be:
>> 1. a transcript hash (size = hash function output)
>> 2. 0 (size = 0)
>> 3. ticket nonce (size = 1..255)
>>
> 
> Yeah, I can do a PR for this.


       HKDF-Expand-Label(Secret, Label, HashValue, Length) =
            HKDF-Expand(Secret, HkdfLabel, Length)

So, HashValue is not a hash value anymore.
It should be "Value" or something.
The definitions would be:

       HKDF-Expand-Label(Secret, Label, *Value*, Length) =
            HKDF-Expand(Secret, HkdfLabel, Length)

       struct {
           uint16 length = *Value.length*;
           opaque label<7..255> = "tls13 " + Label;
           opaque hash_value<0..255> = *Value*;
       } HkdfLabel;


--Kazu

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] draft-ietf-tls-tls13-21 posted

Reply via email to