On Fri, Mar 16, 2018 at 4:19 PM, Matt Caswell <m...@openssl.org> wrote:
> What is reasonable behaviour for a client to do with any tickets it has
> previously received following a key update or a post-handshake
> authentication? Should those old tickets be now considered out-of-date
> and not used?
>

There is no good reason to discard tickets received post KeyUpdate. The KeyUpdate has no impact on their security.

It's probably reasonable to discard tickets received after Post-Handshake Auth if a new ticket is received, as that ticket might incorporate the client's authenticated identity. Otherwise I wouldn't bother.

-Ekr

> Matt
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
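The ticket-handling policy from the reply above, sketched as an added example that is not part of the original thread and is not OpenSSL code. The class and method names are hypothetical, the ticket labels are constructed, and it assumes the reply means that tickets held from before a post-handshake authentication are dropped once a newer ticket arrives; the 7-day lifetime cap comes from RFC 8446.

```python
from dataclasses import dataclass, field

MAX_TICKET_LIFETIME = 604800  # seconds; RFC 8446 caps ticket lifetime at 7 days


@dataclass
class Ticket:
    ticket_id: str      # constructed label standing in for the opaque ticket
    received_at: float  # seconds on the caller's clock
    lifetime: int       # seconds, already clamped
    auth_epoch: int     # post-handshake auths completed when it was received


@dataclass
class TicketCache:
    """Hypothetical per-connection client cache of NewSessionTicket messages."""
    tickets: list = field(default_factory=list)
    auth_epoch: int = 0

    def on_key_update(self):
        # Per the reply: KeyUpdate has no impact on ticket security, so keep all.
        pass

    def on_post_handshake_auth(self):
        # Nothing is discarded yet; only record that the client identity changed.
        self.auth_epoch += 1

    def on_new_session_ticket(self, ticket_id, now, lifetime):
        # A ticket issued after post-handshake auth may incorporate the client's
        # authenticated identity, so tickets from an earlier epoch are dropped
        # (assumed reading of the reply). Same-epoch tickets are kept.
        self.tickets = [t for t in self.tickets if t.auth_epoch == self.auth_epoch]
        clamped = min(lifetime, MAX_TICKET_LIFETIME)
        self.tickets.append(Ticket(ticket_id, now, clamped, self.auth_epoch))

    def usable(self, now):
        return [t.ticket_id for t in self.tickets if now < t.received_at + t.lifetime]


def demo():
    cache = TicketCache()
    cache.on_new_session_ticket("t1", now=0, lifetime=3600)
    cache.on_key_update()
    after_key_update = cache.usable(10)   # t1 survives the KeyUpdate
    cache.on_post_handshake_auth()
    after_auth = cache.usable(20)         # no new ticket yet: t1 is still kept
    cache.on_new_session_ticket("t2", now=30, lifetime=10**7)
    after_new_ticket = cache.usable(40)   # t1 replaced by the post-auth ticket
    after_cap = cache.usable(30 + MAX_TICKET_LIFETIME)  # t2 expired at the cap
    return after_key_update, after_auth, after_new_ticket, after_cap


if __name__ == "__main__":
    print(demo())
```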