On Thu, Jan 24, 2019 at 9:45 PM Matt Caswell <m...@openssl.org> wrote:
> > This notion of "handshake" is not supported by RFC 8446 uses the terms "the
> > handshake", "a handshake", and "post-handshake". "Post-handshake", in
> > particular, implies KeyUpdate are after the handshake, not part of it.
>
> I just don't agree with you here. About the best that can be said about RFC8446
> in this regards is that the term handshake is overloaded. It certainly does mean
> "the initial handshake" in the way that you describe (and I myself use the term
> to mean that). But it is *also* used in other contexts, such as "handshake
> messages" or "handshake protocol" where it is referring to things not
> necessarily constrained to the initial handshake.

I agree with Matt here - there is no such clear distinction made in RFC8446 - with "handshake" being used in *all* contexts. If such a distinction was intended by the IETF WG then they failed to achieve it in RFC8446 in numerous places.

Quoting RFC8446 ...

4.6.3. Key and Initialization Vector Update

The KeyUpdate *handshake message ...*

It doesn't help that it has 4.6 Post-Handshake Message section which states "after the main handshake" also indicating that the handshake messages are handshakes too - just not the "main handshake".

Tim.