On Thursday, 10 May 2018 19:28:45 CEST Viktor Dukhovni wrote:
> > On May 10, 2018, at 11:46 AM, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> >> I would imagine, but NSS, at least, doesn't support external PSKs.
> >
> > Good to know. Does any implementation other than OpenSSL support
> > external PSKs? How do you distinguish between external PSKs and
> > resumption PSKs?
>
> So no need to distinguish in either NSS or Mint. Anyone else?
>
> On a related note, should a client sending both a resumption and
> an external PSK place the resumption PSK first in the list of
> PSK identities? My concern is that server implementations might
> otherwise recognize the external PSK first, and then not even
> look at the resumption PSK. Is that a valid concern?
I'd say so; the server should use the first identity for which the binder validates.

> Should server implementations first see if any of the PSKs
> are resumption PSKs before considering the rest?

All the value lists sent by the client are supposed to be sorted by the client's willingness to use them, most wanted first. I don't see why PSKs shouldn't be like this too.

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
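The server-side selection being discussed above, as an added example that is not part of the original thread and not code from OpenSSL, NSS or Mint: the server walks the client's PSK identities in the order offered, picks the first identity it recognises, and validates only that identity's binder, which is the procedure RFC 8446 section 4.2.11 describes. The key schedule (HKDF-Extract, HKDF-Expand-Label, the "ext binder" and "res binder" labels, and the "finished" key) follows RFC 8446 for a SHA-256 cipher suite. The PSK values, identities and truncated ClientHello bytes are constructed sample data, and `select_psk` and `build_offer` are hypothetical helper names used only here.

```python
import hashlib
import hmac

# RFC 8446 key-schedule primitives for the SHA-256 cipher suites
HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    # HkdfLabel = uint16 length || opaque label<7..255> || opaque context<0..255>
    full_label = b"tls13 " + label
    info = (length.to_bytes(2, "big")
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)


def binder_key(psk: bytes, external: bool) -> bytes:
    # early_secret = HKDF-Extract(0, PSK); binder_key = Derive-Secret(early_secret, label, "")
    early_secret = hkdf_extract(bytes(HASH_LEN), psk)
    label = b"ext binder" if external else b"res binder"
    return hkdf_expand_label(early_secret, label, HASH(b"").digest(), HASH_LEN)


def compute_binder(psk: bytes, external: bool, truncated_client_hello: bytes) -> bytes:
    # binder = HMAC(finished_key, Transcript-Hash(Truncate(ClientHello)))
    finished_key = hkdf_expand_label(binder_key(psk, external), b"finished", b"", HASH_LEN)
    return hmac.new(finished_key, HASH(truncated_client_hello).digest(), HASH).digest()


def select_psk(offered, server_psks, truncated_client_hello):
    """Server-side selection over the client's PSK identities, in the order offered.

    offered:      list of (identity, binder) as carried in the pre_shared_key extension
    server_psks:  dict identity -> (psk_bytes, is_external) known to this server
    Returns ("psk", index) for the first recognised identity whose binder validates,
    ("abort", index) if that binder fails (illegal_parameter alert), or
    ("no_psk", None) if no identity is recognised (fall back to a full handshake).
    """
    for idx, (identity, binder) in enumerate(offered):
        entry = server_psks.get(identity)
        if entry is None:
            continue  # unknown or expired identity: keep walking the list
        psk, external = entry
        expected = compute_binder(psk, external, truncated_client_hello)
        if hmac.compare_digest(expected, binder):
            return ("psk", idx)
        return ("abort", idx)  # RFC 8446: validate one binder; a mismatch aborts


    return ("no_psk", None)


# Constructed sample data (not real keys and not a real ClientHello)
TRUNCATED_CLIENT_HELLO = b"constructed ClientHello bytes up to the binders list"
RESUMPTION_PSK = bytes(range(32))
EXTERNAL_PSK = bytes(range(32, 64))
SERVER_PSKS = {
    b"ticket-1": (RESUMPTION_PSK, False),   # issued earlier via NewSessionTicket
    b"ext-client-a": (EXTERNAL_PSK, True),  # provisioned out of band
}


def build_offer(identities):
    """Client side: (identity, psk, is_external) in preference order -> (identity, binder) list."""
    return [(ident, compute_binder(psk, ext, TRUNCATED_CLIENT_HELLO))
            for ident, psk, ext in identities]


if __name__ == "__main__":
    res_first = build_offer([(b"ticket-1", RESUMPTION_PSK, False),
                             (b"ext-client-a", EXTERNAL_PSK, True)])
    ext_first = list(reversed(res_first))
    print(select_psk(res_first, SERVER_PSKS, TRUNCATED_CLIENT_HELLO))  # ('psk', 0) -> ticket-1
    print(select_psk(ext_first, SERVER_PSKS, TRUNCATED_CLIENT_HELLO))  # ('psk', 0) -> ext-client-a
```

Reversing the client's list is what the concern in the thread is about: whichever recognised identity comes first is the one the server commits to, so a client that offers the external PSK ahead of its resumption ticket gets the external PSK. An unrecognised identity at the front (a stale ticket, say) is skipped rather than fatal, and a binder computed with the wrong label ("ext binder" for a resumption ticket) fails validation and aborts, since the two PSK kinds derive different binder keys.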
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls