I don't think anyone's asking for these cases to be differentiable on the wire. The question is whether the *server* can differentiate, in particular, the application running on the server.
--Richard On Thu, Sep 19, 2019 at 2:36 PM Nico Williams <n...@cryptonector.com> wrote: > On Thu, Sep 19, 2019 at 08:06:26AM -1000, Christian Huitema wrote: > > There is also a privacy angle. From a privacy point of view, it is > > very nice that PSK cannot be distinguished from session resumption. > > This. > > PSK is the right way to, for example, integrate Kerberos into TLS 1.3 > now. But it's no eavesdropper's business whether a session used > Kerberos for setup or resumption tickets. > > Nico > -- >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
