Russ, Yeah the change looks right. The server is selecting based on what’s in the ClientHello. Anybody else see it differently?
spt > On Aug 11, 2023, at 12:35, Russ Housley <hous...@vigilsec.com> wrote: > > I believe thatthis errata should be verified. > >> On Aug 11, 2023, at 12:23 PM, RFC Errata System <rfc-edi...@rfc-editor.org> >> wrote: >> >> The following errata report has been submitted for RFC8773, >> "TLS 1.3 Extension for Certificate-Based Authentication with an External >> Pre-Shared Key". >> >> -------------------------------------- >> You may review the report below and at: >> https://www.rfc-editor.org/errata/eid7598 >> >> -------------------------------------- >> Type: Editorial >> Reported by: Russ Housley <hous...@vigilsec.com> >> >> Section: 5.1 >> >> Original Text >> ------------- >> When the "psk_key_exchange_modes" extension is included in the >> ServerHello message, servers MUST select the psk_dhe_ke mode >> for the initial handshake. >> >> Corrected Text >> -------------- >> When the "psk_key_exchange_modes" extension is included in the >> ClientHello message, servers MUST select the psk_dhe_ke mode >> for the initial handshake. >> >> Notes >> ----- >> According to RFC 8446, the "psk_key_exchange_modes" extension only appears >> in the ClientHello message. Further, the slides presented on this topic at >> IETF 101show the "psk_key_exchange_modes" extension in the ClientHello >> message and no other place. It is pretty clear that this is an editorial >> error. >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". If necessary, please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party >> can log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC8773 (draft-ietf-tls-tls13-cert-with-extern-psk-07) >> -------------------------------------- >> Title : TLS 1.3 Extension for Certificate-Based Authentication >> with an External Pre-Shared Key >> Publication Date : March 2020 >> Author(s) : R. Housley >> Category : EXPERIMENTAL >> Source : Transport Layer Security >> Area : Security >> Stream : IETF >> Verifying Party : IESG > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls