On 9/1/17, Kyle Rose <[email protected]> wrote: > I think it's worth clarifying this because you don't want one > implementation using 5705 and another using HKDF and agreeing on > different keys. For some use cases it doesn't matter (server deriving > keys that only it knows), but in cases of shared keys we would have a > problem.
Got any idea for how to phrase this without creating a normative reference that blocks us on TLS 1.3 publication? _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
