On Thursday, 14 June 2018 21:46:27 CEST David Benjamin wrote:
> Thoughts? If the WG likes this design, I would suggest:
>
> - Most folks who want to use TLS 1.3 with external PSKs should probably
>   design their protocols to provision universal PSKs instead, after it
>   stabilizes.
>
> - Folks who want to use TLS 1.3 with existing TLS 1.2 PSKs should use the
>   compatibility derivation in this draft, after it stabilizes.
>
> - Folks who want to ship TLS 1.3 before then and have a TLS 1.2 PSK API
>   should not use the 1.2 PSK as a 1.3 PSK. For now, just turn TLS 1.3 off by
>   default if that API is used and, in a future release, use the compatibility
>   derivation after it stabilizes.

That's not workable. The reason why implementations chose to use the old API to
provision TLS 1.3 PSKs was to make the upgrade process as smooth as possible;
disabling TLS 1.3 is quite antithetical to that.

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls