On Wed, Mar 30, 2016 at 08:35:31PM +1100, Martin Thomson wrote: > On 30 March 2016 at 16:15, Ilari Liusvaara <ilariliusva...@welho.com> wrote: > > Only if using 0-RTT auth, which seems is going to be removed (yay). > > My reading is that Finished is always present. That is, the > authentication messages are always sent, with > Certificate+CertificateVerify being omitted if there is no > certificate.
Oh, yeah, looks like there is always Finished. Does not simplify implementation in any way (just makes implementation even more complex). Then on topic of 0-RTT, how does 0-RTT key hashes behave if handshake is restarted (main handshake hash continues, but 0-RTT hash context currently needs to be separate from the main context)? -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls