TLS 1.3 allows clients to send multiple PSK identities, with the server choosing one. When, if every, might it make sense for the client to send multiple session tickets to the server? If this is not expected, is it sufficiently odd for a server to ignore any tickets after the first (if that one is not usable)?
-- Viktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls