Hello, I was just double checking if there was an answer to the question of using the TLS renegotiation extension from RFC 5746 in the context of TLS session resumption. As stated below, based on the RFC it is not crystal clear if it applies. In general I would think yes, but only for session resumption based on the sessionID, not based on tickets.
Any feedback/opinion is helpful.

Best regards
Steffen

From: TLS <tls-boun...@ietf.org> On Behalf Of Fries, Steffen
Sent: Wednesday, 17 August 2022 08:27
To: <tls@ietf.org> <tls@ietf.org>
Subject: [TLS] RFC 5746 applicable for session resumption?

Hi,

while reading RFC 5746 on the TLS renegotiation indication extension I came across the text in sections 3.4 and 3.6 that the client and server behavior (verification of client_verify_data and server_verify_data) applies to full handshakes as well as resumed handshakes. I was somehow misled by the name of the extension and did not consider it for resumption.

My question is if this is limited to the use of session resumption based on the sessionID and not for RFC 5077 (Stateless TLS Session Resumption)? At least, I haven't seen the information in the ticket, which would allow the server to verify the client_verify_data. Hence the assumption it only applies for resumption based on the sessionID. Is this right or did I miss something?

Best regards
Steffen

--
Steffen Fries
Siemens AG
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls