On Fri, Sep 20, 2019 at 4:32 AM Nikos Mavrogiannopoulos <n...@redhat.com>
wrote:
> On Thu, Sep 19, 2019 at 11:49 PM Nico Williams <n...@cryptonector.com>
> wrote:
> >
> > On Thu, Sep 19, 2019 at 04:57:17PM -0400, Richard Barnes wrote:
> > > I don't think anyone's asking for these cases to be differentiable on
> > > the wire.  The question is whether the *server* can differentiate, in
> > > particular, the application running on the server.
> >
> > And the answer to that one is "yes", because the server has control over
> > the PSK IDs.
>
> You are making a lot of implicit assumptions for that. Consider a
> "server" consisting of multiple front end implementations all
> connected to a DB back-end. Does that "server" have control over PSK
> IDs?
>

While Nico's assertion isn't always practical, I think it fits a pretty
common pattern: a TLS-terminator / edge server validates that the server
issued the credential, without hitting the backing credentials database.
These servers often perform similar checks on HTTP Cookie headers. Then, as
the traffic is passed to the application, the credential is actually
checked against the database.

thanks,
Rob
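The two-stage pattern Rob describes, as an added example that is not part of the original thread and not code from any of the posters: the PSK identity carries an opaque record id plus an HMAC tag under a server-held issuance key, so an edge instance can confirm "we issued this" with no database round trip, and the application then resolves the id against the credentials store. The key, the record ids, the in-memory "database" and the function names are all constructed for this example.

```python
"""Two-stage PSK identity check (constructed example, not from the thread).

Stage 1 (edge / TLS terminator): verify the identity was issued by the
server, using only a shared issuance key.  Stage 2 (application): look
the record up in the credentials store and hand back the PSK.
"""
import hashlib
import hmac
from typing import Optional

# Assumed: every edge instance holds the same long-lived issuance key.
# Placeholder value for this example; a deployment would generate a random one.
ISSUANCE_KEY = bytes.fromhex("00" * 32)
TAG_LEN = 16  # truncated HMAC-SHA256 tag appended to the record id


def issue_identity(record_id: bytes, key: bytes = ISSUANCE_KEY) -> bytes:
    """Build a PSK identity of the form record_id || HMAC(key, record_id)[:16]."""
    tag = hmac.new(key, record_id, hashlib.sha256).digest()[:TAG_LEN]
    return record_id + tag


def edge_check(identity: bytes, key: bytes = ISSUANCE_KEY) -> Optional[bytes]:
    """Stage 1: confirm the server issued this identity, without touching the DB.

    Returns the embedded record id on success, None otherwise.  This only
    proves issuance; it cannot tell whether the record still exists.
    """
    if len(identity) <= TAG_LEN:
        return None
    record_id, tag = identity[:-TAG_LEN], identity[-TAG_LEN:]
    expected = hmac.new(key, record_id, hashlib.sha256).digest()[:TAG_LEN]
    # Constant-time comparison so tag verification does not leak via timing.
    if not hmac.compare_digest(tag, expected):
        return None
    return record_id


# Constructed stand-in for the credentials database shared by all front ends.
CREDENTIAL_DB = {
    b"user-1234": {"psk": bytes.fromhex("aa" * 32), "revoked": False},
    b"user-5678": {"psk": bytes.fromhex("bb" * 32), "revoked": True},
}


def backend_check(record_id: bytes, db=CREDENTIAL_DB) -> Optional[bytes]:
    """Stage 2: resolve the record id, honour revocation, return the PSK."""
    row = db.get(record_id)
    if row is None or row["revoked"]:
        return None
    return row["psk"]


def classify(identity: bytes) -> str:
    """Run both stages and report where (if anywhere) the identity was rejected."""
    record_id = edge_check(identity)
    if record_id is None:
        return "rejected-at-edge"
    if backend_check(record_id) is None:
        return "rejected-at-backend"
    return "accepted"


if __name__ == "__main__":
    for ident in (
        issue_identity(b"user-1234"),          # valid, present in DB
        issue_identity(b"user-5678"),          # valid tag, revoked in DB
        issue_identity(b"user-9999"),          # valid tag, unknown to DB
        b"user-1234" + b"\x00" * TAG_LEN,      # forged tag
    ):
        print(ident[:-TAG_LEN], classify(ident))
```

The third case is the one Nikos's objection points at: the edge can only say that the identity is one the server issued, not whether it is still backed by a row, so revocation and lookup stay with the application. Note also that in TLS 1.3 the PSK binder is keyed from the PSK itself, so the edge check above filters unissued identities but the binder can only be verified once the backend has supplied the PSK.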
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls