On Tue, Mar 26, 2019, at 14:30, Hubert Kario wrote: > On Tuesday, 26 March 2019 09:07:51 CET Martin Thomson wrote: > > We don't trust that the key share or certificate is good either, but once we > > have a Finished message, that is retroactively authenticated and can be > > used. We rely on this property for a bunch of things. > > yes, but those things are part of the protocol, not destined for application > (or even if they are, they are actionable only after the handshake finished)
Yep, but that's something that QUIC relies on already. As does ALPN. And it is likely that there are other things that I can't think of in my current frazzled state. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
