Hi John,

On Tue, Apr 9, 2019, at 11:53 AM, John Mattsson wrote:
> Hi Chris,
>
> Thanks for the discussion. Would be good if a future version:

Likewise -- thank you for the comments!

> - Made clear if the imported PSKs MUST NOT / SHOULD NOT / MAY / SHOULD
> / MUST be offered alongside the existing external PSKs. While offering
> both would make a migration path possible I don’t think it is the way
> to go.

Yep, we'll clear this up. (I'm currently leaning towards *not* allowing it.)

> - If MUST NOT, the document should maybe also state what the client does
> if it receives an unknown_psk_identity alert, is it allowed to try again
> with the external (non-imported identity) or is it forbidden to do so?

Good question! I'll file an issue to track and resolve this.

> - Made clear if use of draft-wood-tls-external-psk-importer is a
> property of the TLS implementation (i.e. used on all PSK) or a property
> of the external PSK (i.e. only used on keys with this property).

It's the former, for all external PSKs. We'll try to clarify this.

> - State that "tls12" is used for DTLS 1.2 and "tls13" is used for DTLS 1.3.

+1

Thanks again for the comments and review.

Best,
Chris

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls