On Wed, 2016-09-21 at 17:46 +0000, Raja ashok wrote:
> [ashok] : PSK Identity extension specified in our extension differs
> from the extension specified in TLS1.3.

Agreed. I suspect it just makes sense to add a sentence to that effect, to the draft?

> [ashok] : I feel sending the selected ID is better, otherwise while
> processing "server hello" msg, client has to maintain the PSK ID list in
> the same order in which it sent. Already there was a discussion in
> TLS1.3 group for sending selected ID instead of index.

Yes, I agree. In TLS1.3 it kind of makes sense, because the PSK identifiers there can be huge — they are the full session ticket from RFC5077. So it makes some sense to send back only an index. But in TLS <= 1.2 when you're not (ab)using PSK for session resumption, that motivation goes away and returning the identity itself seems reasonable.

But again, it's just worth calling out the differences between TLSv1.3 for clarity.

There is also discussion of supporting only a *single* PSK identity in TLSv1.3. If that happens, is there a real need for the extension to permit more than one identity in TLS <= 1.2?

--
dwmw2
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls