On Wed, Jun 3, 2020, at 6:47 PM, Martin Thomson wrote:
> On Thu, Jun 4, 2020, at 11:44, Eric Rescorla wrote:
> > I think it would help to be more explicit here:
> > Servers which are authenticating with a resumption PSK MUST NOT send
> > the CertificateRequest message in the main handshake, [...],
> > Servers which are authenticating with an external PSK MUST NOT send the
> > CertificateRequest message either in the main handshake or in the
> > post-handshake phase. Future specifications MAY provide an extension to
> > permit this.
>
> That sounds great. I've a tiny tweak, but I will open an erratum with
> that suggestion.
That works for me, too.
Thanks,
Chris
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
