On Saturday, 28 July 2018 01:20:43 CEST Eric Rescorla wrote: > Dear TLS WG members. > > I am doing my final copy-edits for the TLS 1.3 RFC and I noted one > technical point and two points I would like to edit for clarity but I > wanted more eyes on. > > > 1. https://tools.ietf.org/html/draft-ietf-tls-tls13-28#section-4.1.2 > > If the client is attempting a PSK key > establishment, it SHOULD advertise at least one cipher suite > indicating a Hash associated with the PSK. > > This seems like it would be better as a MUST. It's not a disaster > if we don't change it, but can anyone think of a reason it should > be a SHOULD?
It can be a MUST, but then we need to add a MUST for a server not to overinterpret lack of them (as in MUST NOT abort) - client may send a PSK associated with a hash in a ciphersuite that the server does not know -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
