On Tue, Jan 22, 2019 at 02:48:26PM -0500, Viktor Dukhovni wrote: > As for applications mishandling "SSL_CB_HANDSHAKE_START", not quite sure > what to do there, but perhaps we could define a new even for keyUpdates > that does not mislead applications into assuming a new "handshake".
I think calling anything a handshake that is not a handshake should either be removed or renamed. KeyUpdate is not a handshake. I'm not sure what we do in case of a session ticket, but it also shouldn't send such events, but other events are probably useful in that case. Kurt _______________________________________________ openssl-project mailing list firstname.lastname@example.org https://mta.openssl.org/mailman/listinfo/openssl-project