Okay that’s fine. It was just the wording of this one sentence that made me ask this question.
> On 13.12.2019 at 07:45, Benjamin Kaduk <ka...@mit.edu> wrote:
>
> On Wed, Dec 11, 2019 at 12:48:58PM -0500, Russ Housley wrote:
>> Mirja:
>>
>>> ----------------------------------------------------------------------
>>> COMMENT:
>>> ----------------------------------------------------------------------
>>>
>>> Just a small thing to double-check: I wonder if this sentence would actually
>>> require an update to RFC8446:
>>> "TLS 1.3 does not permit the server to send a CertificateRequest
>>> message when a PSK is being used. This restriction is removed when
>>> the "tls_cert_with_extern_psk" extension is negotiated, allowing
>>> certificate-based authentication for both the client and the server."
>>> Or maybe it should be phrased differently, just:
>>> "If the "tls_cert_with_extern_psk" extension is negotiated,
>>> certificate-based authentication is allowed for both the client and
>>> the server." I guess it depends on what exactly is said in RFC8446
>>> (and I didn't go and try to find it).
>>
>> I do not believe that an update is needed or appropriate. First, the
>> presence of this extension is an indication that this behavior will be
>> different. Second, this is going to be an Experimental RFC, so it should
>> not update a standards-track RFC.
>
> I agree; this is just an extension working as normal. (Not that I haven't
> asked the same question before for other documents....)
>
> -Ben
>
>>> And as a side note, it is usually recommended to provide the link to the
>>> registry in the IANA section (to make life for IANA easier)
>>
>> I will gladly add a reference to the registry:
>>
>> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
>>
>> Russ