On Mon, Dec 11, 2017 at 08:50:17AM -0600, Martin Thomson wrote:
> On Mon, Dec 11, 2017 at 12:09 AM, Ilari Liusvaara
> <ilariliusva...@welho.com> wrote:
> > Transforming messages before putting them in transcript? That sounds
> > like a recipe for some very nasty implementation headaches.
> >
> > AFAIK, nothing else in TLS does this. TLS 1.3 has reset hash and inject
> > synthetic message, but that is a lot easier than actual message
> > transformation.
>
> My understanding is that this is what is proposed. FWIW, it's not
> that awful for us to implement in NSS.

I searched the drafts (both -00 and -01). I find absolutely nothing to
suggest this extension would play any games with the handshake hash. And
considering that an extension playing such games is AFAIK unprecedented,
that would warrant rather big warnings.

-Ilari