I agree with MT. Hannes, if you want to clean up the text to take into account MT's comments, I will merge
On Sat, Sep 10, 2016 at 3:35 AM, Martin Thomson <[email protected]> wrote: > On 9 September 2016 at 23:37, Hannes Tschofenig > <[email protected]> wrote: > > I am wondering why I cannot use Zero-RTT with just PSK-based > authentication > > (without a prior ticket change). > > I think that you would need to bind more things to the key in that > case, but I assume that it would be OK if you did so. You already > need to pair a PSK with a hash, but if you paired it with a whole > cipher suite instead and also the ALPN (which could be null), then I > see no reason not to permit 0-RTT for pure PSK. (I think that cipher > suite + ALPN is sufficient, but someone can correct me if I missed > anything.) > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
