> On May 10, 2018, at 1:28 PM, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
>
> On a related note, should a client sending both a resumption and
> an external PSK place the resumption PSK first in the list of
> PSK identities? My concern is that server implementations might
> otherwise recognize the external PSK first, and then not even
> look at the resumption PSK. Is that a valid concern?
>
> Should server implementations first see if any of the PSKs
> are resumption PSKs before considering the rest?
Perhaps a better question is:
Should servers issue resumption tickets after an initial PSK handshake?
And if so, should resumption be preferred for any reason when the client
sends both a resumption ticket and the external PSK?
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
