On Wed, Sep 18, 2019, at 4:31 PM, Martin Thomson wrote:
> On Thu, Sep 19, 2019, at 01:41, Christopher Wood wrote:
> > Ah, so, I think this is where the miscommunication is happening! The
> > target KDFs I've been envisioning are not protocol specific.
>
> As HKDF and the TLS 1.2 PRF are not the same function, wouldn't it be
> better to have separate identifiers? Sure, we could rely on the
> `protocol` field to diversify the output, but I think that we should be
> applying the same principle throughout, namely that the one key is only
> used with the one KDF instantiation.

Agreed on the principle, especially if future versions of TLS define new KDFs and we want to avoid using the same imported key across both. I'll make that change after #18 (https://github.com/tlswg/draft-ietf-tls-external-psk-importer/pull/18) lands, at which point we should be able to close issues #15 and #16.

Best,
Chris
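
The principle discussed in this thread, that one key is used with only one KDF instantiation, shown as an added sketch; it is not the draft's construction and not code from either author. The identifier values in `TARGET_KDFS`, the `import_psk` name and the encoding of the bound fields are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Hypothetical target-KDF identifiers (constructed values, not registry codepoints).
TARGET_KDFS = {"HKDF_SHA256": 0x0001, "TLS12_PRF_SHA256": 0x0002}


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with SHA-256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with SHA-256."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def import_psk(epsk: bytes, external_identity: bytes, protocol: int,
               target_kdf: str, length: int = 32) -> bytes:
    """Derive an imported key bound to both the protocol and the target KDF.

    Because the KDF identifier is part of the derivation input, the key
    handed to HKDF and the key handed to the TLS 1.2 PRF are independent
    even though they come from the same external PSK.
    """
    kdf_id = TARGET_KDFS[target_kdf]  # unknown KDF names raise KeyError
    bound = (struct.pack("!H", len(external_identity)) + external_identity
             + struct.pack("!HH", protocol, kdf_id))
    prk = hkdf_extract(b"\x00" * 32, epsk)
    info = b"derived psk" + hashlib.sha256(bound).digest()
    return hkdf_expand(prk, info, length)


if __name__ == "__main__":
    epsk = bytes(range(32))  # constructed sample external PSK
    for name in TARGET_KDFS:
        # 0x0304 is the TLS 1.3 protocol version value.
        print(name, import_psk(epsk, b"client-1", 0x0304, name).hex())
```
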