On 9/1/17, Daniel Franke <[email protected]> wrote: > Got any idea for how to phrase this without creating a normative > reference that blocks us on TLS 1.3 publication?
So actually, I just took another close look at 5705 and at the history of the TLS RFCs, and I think the Right Thing is already unambiguous. RFC 5705 says to apply "TLS Pseudorandom Function in use for the session". The TLS PRF has already changed incompatibly in past TLS versions. In TLS 1.2, it's part of the ciphersuite's specification. In 1.1 and prior, it was fixed, and based on an XOR of MD5 and SHA1. So any correct RFC 5705 implementation is already taking protocol version into account and choosing what function to apply accordingly. _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
