On Thu, Mar 02, 2023 at 04:29:11AM +0000, Peter Gutmann wrote:
> Chuck Lever III <[email protected]> writes:
>
> >We're implementing TLSv1.3 support for PSK and note there is a capability in
> >the PSK extension described in S 4.2.11 for sending a list of identities. We
> >don't find support for a list of alternate identities implemented in user
> >space TLS libraries such as GnuTLS or OpenSSL. Is there a known reason for
> >that omission?
>
> If it's the same as similar locations in previous versions of TLS where it's
> possible to specify a list of X instead of just an X then it could be because
> no-one has any idea why you'd specify a list of X, or what to do with it if
> one does turn up. There are several fields where, in the past, we've had
> users ask what to do with them and it turned out, after some testing, that the
> answer is "whatever you want" because the other side pays no attention
> whatsoever to what's in there.
If you would like to use a PSK for authentication in a full handshake but also have the option of doing resumption, you would need to offer two distinct PSKs in order to ensure that a handshake would succeed. The only reasons I can think of to offer more than two would be somewhat exotic, where you are (e.g.) binding application-layer semantics to the PSK identity.

-Ben

_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
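The two-PSK offer Ben describes, worked through on the wire as an added example (this is not code from the thread, from the kernel TLS work, or from GnuTLS/OpenSSL): the client lists a resumption ticket first and an external PSK second in one pre_shared_key extension, computes one binder per identity as RFC 8446 s4.2.11.2 specifies, and the server walks the list in order, so a server that has lost its ticket state still lands on the external PSK instead of failing. The ClientHello framing is a minimal constructed one, the identities, secrets and ticket age are made-up sample values, and HelloRetryRequest is ignored (the transcript is the single ClientHello).

```python
import hashlib
import hmac
import struct

HASH, HASH_LEN = hashlib.sha256, 32          # TLS_AES_128_GCM_SHA256 hash
EXT_PRE_SHARED_KEY = 41


def hkdf_expand_label(secret, label, context, length):
    # HKDF-Expand with the HkdfLabel structure of RFC 8446 s7.1.
    full = b"tls13 " + label
    info = struct.pack("!H", length) + bytes([len(full)]) + full + bytes([len(context)]) + context
    out, prev, i = b"", b"", 1
    while len(out) < length:
        prev = hmac.new(secret, prev + info + bytes([i]), HASH).digest()
        out, i = out + prev, i + 1
    return out[:length]


def binder_finished_key(psk, external):
    # early_secret -> binder_key -> finished_key; the binder label differs for external vs resumption PSKs.
    early = hmac.new(b"\x00" * HASH_LEN, psk, HASH).digest()
    label = b"ext binder" if external else b"res binder"
    bk = hkdf_expand_label(early, label, HASH(b"").digest(), HASH_LEN)
    return hkdf_expand_label(bk, b"finished", b"", HASH_LEN)


def psk_extension(offers, binders):
    # offers: [(identity, obfuscated_ticket_age)], binders: one HMAC per identity, same order.
    ids = b"".join(struct.pack("!H", len(i)) + i + struct.pack("!I", age) for i, age in offers)
    bds = b"".join(bytes([len(b)]) + b for b in binders)
    body = struct.pack("!H", len(ids)) + ids + struct.pack("!H", len(bds)) + bds
    return struct.pack("!HH", EXT_PRE_SHARED_KEY, len(body)) + body


def client_hello(psk_ext):
    # Minimal constructed ClientHello; pre_shared_key must be the last extension (s4.2.11).
    body = (b"\x03\x03" + b"\x11" * 32 + b"\x00"          # legacy_version, random, empty session_id
            + b"\x00\x02\x13\x01" + b"\x01\x00"            # one cipher suite, null compression
            + struct.pack("!H", len(psk_ext)) + psk_ext)
    return b"\x01" + len(body).to_bytes(3, "big") + body


def build_offer(psks):
    """psks: [(identity, age, secret, is_external)] in the client's preference order."""
    offers = [(i, a) for i, a, _, _ in psks]
    binders_len = 2 + len(psks) * (1 + HASH_LEN)
    # First pass with zero binders fixes every length field, then drop the binders list
    # to get Truncate(ClientHello) and HMAC over its transcript hash.
    draft = client_hello(psk_extension(offers, [b"\x00" * HASH_LEN] * len(psks)))
    th = HASH(draft[:-binders_len]).digest()
    binders = [hmac.new(binder_finished_key(s, ext), th, HASH).digest() for _, _, s, ext in psks]
    return client_hello(psk_extension(offers, binders))


def parse_offer(hello):
    """Return (identities, binders, truncated ClientHello) from a ClientHello ending in pre_shared_key."""
    p = 4 + 2 + 32
    p += 1 + hello[p]                                        # session_id
    p += 2 + struct.unpack("!H", hello[p:p + 2])[0]          # cipher_suites
    p += 1 + hello[p]                                        # compression_methods
    ext_end = p + 2 + struct.unpack("!H", hello[p:p + 2])[0]
    p += 2
    while p < ext_end:
        etype, elen = struct.unpack("!HH", hello[p:p + 4])
        if etype != EXT_PRE_SHARED_KEY:
            p += 4 + elen
            continue
        q = p + 4
        ids_end = q + 2 + struct.unpack("!H", hello[q:q + 2])[0]
        q, identities = q + 2, []
        while q < ids_end:
            n = struct.unpack("!H", hello[q:q + 2])[0]
            identities.append(hello[q + 2:q + 2 + n])
            q += 2 + n + 4                                   # skip obfuscated_ticket_age
        b, bend, binders = ids_end + 2, ids_end + 2 + struct.unpack("!H", hello[ids_end:ids_end + 2])[0], []
        while b < bend:
            binders.append(hello[b + 1:b + 1 + hello[b]])
            b += 1 + hello[b]
        if bend != ext_end or len(binders) != len(identities):
            raise ValueError("malformed pre_shared_key extension")
        return identities, binders, hello[:ids_end]
    raise ValueError("no pre_shared_key extension")


def server_select(hello, known):
    """known: {identity: (secret, is_external)}. Returns ServerHello.selected_identity, or None."""
    identities, binders, truncated = parse_offer(hello)
    th = HASH(truncated).digest()
    for idx, ident in enumerate(identities):
        if ident not in known:
            continue                                         # e.g. a ticket this server no longer remembers
        secret, ext = known[ident]
        expected = hmac.new(binder_finished_key(secret, ext), th, HASH).digest()
        if not hmac.compare_digest(expected, binders[idx]):
            raise ValueError("binder mismatch for identity %d" % idx)   # s4.2.11.2: abort the handshake
        return idx
    return None                                              # no usable PSK: fall back to certificates


# Constructed sample offer: resumption ticket preferred, external PSK as fallback (age 0 for external).
TICKET = (b"ticket-0001", 0x12345678, b"\xaa" * 32, False)
EXTERNAL = (b"nfs-client-42", 0, b"\xbb" * 32, True)
OFFER = [TICKET, EXTERNAL]
KNOWN_BOTH = {TICKET[0]: (TICKET[2], False), EXTERNAL[0]: (EXTERNAL[2], True)}
KNOWN_NO_TICKET = {EXTERNAL[0]: (EXTERNAL[2], True)}       # server restarted, ticket state gone


def demo():
    hello = build_offer(OFFER)
    return (server_select(hello, KNOWN_BOTH), server_select(hello, KNOWN_NO_TICKET), server_select(hello, {}))


def tampered_binder_rejected():
    hello = build_offer(OFFER)
    bad = hello[:-1] + bytes([hello[-1] ^ 0x01])             # flip a bit in the external PSK's binder
    try:
        server_select(bad, KNOWN_NO_TICKET)
    except ValueError:
        return True
    return False
```

demo() returns (0, 1, None): a server holding both secrets resumes with index 0, one that dropped the ticket selects the external PSK at index 1, and one with neither falls through to a certificate handshake. Only the binder of the selected identity is checked, which is all the RFC requires, but that binder must verify or the handshake is aborted.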
