Hi,

while reading RFC 5746 on the TLS renegotiation indication extension I came across
the text in sections 3.4 and 3.6 that the client and server behavior
(verification of client_verify_data and server_verify_data) applies to full
handshakes as well as resumed handshakes. I was somehow misled by the name of
the extension and did not consider it for resumption.

My question is if this is limited to the use of session resumption based on the 
sessionID and not for RFC 5077 (Stateless TLS Session Resumption)? At least, I 
haven't seen the information in the ticket, which would allow the server to 
verify the client_verify_data. Hence the assumption it only applies for 
resumption based on the sessionID.

Is this right or did I miss something?

Best regards
Steffen

--
Steffen Fries
Siemens AG


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
