On Wed, Aug 1, 2018 at 7:07 PM Martin Thomson <[email protected]> wrote: > > This is the right sentiment. Some editorial comments inline. > > On Thu, Aug 2, 2018 at 11:57 AM Christopher Wood > <[email protected]> wrote: > > In addition, while constructions in TLS 1.2 and TLS 1.3, although both > > based on HMAC, are very different and there is no known way in which > > reuse of the same PSK in TLS 1.3 and TLS 1.2 would produce related > > output, only limited analysis has been done of the safety of this > > practice. > > I had some difficultly parsing this sentence. I think that it is two: > > The constructions in TLS 1.2 and TLS 1.3 are different, although they > both based on HMAC. Though there is no known way in which the same > PSK might produce related output in both versions, only limited > analysis has been done.
+1 -- this is a nice improvement. > > > Future > > work such as [UNIVERSALPSK] or [SHAREDPSK] > > I would avoid citing specific drafts, particularly when we're still > unsure about where we want to go (maybe we want both, or neither). > I'd strike the "such as" bit here. +1 here too. We might as well remove the entire sentence as it does not add much value without the references. Thanks, Chris (chair hat on) _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
