Hello,
 I'm reading the "Pre-Shared Key Extension" section of the TLS 1.3
draft [0], and I noticed quite some deviations (IMO) from typical TLS
protocol behavior. No rationale is given about them so I ask on list.

To summarize, the client sends a list of identities and the server
replies with an index indicating which identity is approved.

1. The server reply with an index is unique in TLS. It is not used in
ciphersuite selection or in any other negotiation in TLS where the
client sends multiple options. Why not have the server reply with the
selected username?

2. Why does the client send multiple identities? In TLS-SRP a single
identity is sent, and the same in the existing TLS-PSK rfc. How is this
envisioned to be used? A client sends: I'm probably one of Bob, Nikos,
George, take a look at that list and tell me who I really am? In that
case why not allow the server to reply with a username outside that
list (i.e., assign a new one to be used at the next session - see point
1).

3. The maximum size of the username is 2^16. Isn't that excessive for a
user name or a user identifier? Why not set 2^8? That would fit a uuid
or anything similarly large.

regards,
Nikos


[0]. https://tlswg.github.io/tls13-spec/#rfc.section.4.2.5
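As an added illustration (not from the draft and not from the message above), the exchange the message summarizes, modelled in Python: the client's list of identities, the server's index reply, and the range check the client needs on that index. The 2-byte TLS-style length prefixes and the separate client/server forms are assumptions matching the 2^16 maximum mentioned in point 3.

```python
import struct

# Assumed encoding: a 2-byte length prefix, giving the 2^16 maximum from point 3.
MAX_IDENTITY_LEN = 2**16 - 1


def encode_client_psk(identities):
    """Client form: a length-prefixed vector of length-prefixed opaque identities."""
    body = b""
    for ident in identities:
        if not ident or len(ident) > MAX_IDENTITY_LEN:
            raise ValueError("identity length out of range")
        body += struct.pack("!H", len(ident)) + ident
    if len(body) > MAX_IDENTITY_LEN:
        raise ValueError("identity list too long for its length prefix")
    return struct.pack("!H", len(body)) + body


def decode_client_psk(data):
    """Server side: parse the identity list, rejecting truncated or overrunning input."""
    if len(data) < 2:
        raise ValueError("truncated vector length")
    (total,) = struct.unpack("!H", data[:2])
    end = 2 + total
    if end != len(data):
        raise ValueError("vector length does not match the data")
    identities, pos = [], 2
    while pos < end:
        if pos + 2 > end:
            raise ValueError("truncated identity length")
        (n,) = struct.unpack("!H", data[pos:pos + 2])
        pos += 2
        if pos + n > end:
            raise ValueError("identity overruns the vector")
        identities.append(data[pos:pos + n])
        pos += n
    return identities


def encode_server_psk(index):
    """Server form: the index of the chosen identity in the client's list."""
    return struct.pack("!H", index)


def decode_server_psk(data, offered):
    """Client side: the returned index must point into the list this client sent."""
    if len(data) != 2:
        raise ValueError("bad selected-identity length")
    (idx,) = struct.unpack("!H", data)
    if idx >= len(offered):
        raise ValueError("server selected an identity the client never offered")
    return offered[idx]
```

A client that skips the last check would accept an index for an identity it never offered, which is exactly the case point 2 asks about.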

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
