On Sat, Jan 28, 2023 at 03:03:54PM +0200, Ilari Liusvaara wrote:
> On Sat, Jan 28, 2023 at 08:35:40AM +, John Mattsson wrote:
> > Thanks Ilari for that very fast and detailed answer. I a made a PR to
> > RFC8446bis to suggest adding “A node MAY use the same certificate as
> > both server and
Thanks Ilari for that very fast and detailed answer. I a made a PR to
RFC8446bis to suggest adding “A node MAY use the same certificate as both
server and client certificate.”, I don’t know if there should be more
restrictions. The real practical problems seem to be cross-protocol attacks on
On Fri, Jan 27, 2023 at 06:01:04PM +, John Mattsson wrote:
> Hi,
>
> - Using the same signature key or PSK for TLS and another protocol is
> obviously unsecure in the worst case. But probably practically
> secure in many cases even if nobody has proved it.
Well, looking at the