On Thu, Jun 4, 2020, at 11:44, Eric Rescorla wrote: > I think it would help to be more explicit here: > Servers which are authenticating with a resumption PSK MUST NOT send > the CertificateRequest message in the main handshake, [...], > Servers which are authenticating with an external PSK MUST NOT send the > CertificateRequest message either in the main handshake or in the > post-handshake phase. Future specifications MAY provide an extension to > permit this.
That sounds great. I've a tiny tweak, but I will open an erratum with that suggestion. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
