I think it’s ready and addresses the FATT concerns well enough. One nit.
If the external PSK is used for more than one session and it is known by the client, server and others, then the confidentially is limited to the group that knows the external PSK, but[SHOULD THAT BE AND?] there is no cryptographic separation between TLS 1.3 sessions.
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
