Martin Rex <m...@sap.com> writes: >Truncating the PRF output to 12 octets for TLSv1.2 seems like an error.
It's not an error, it's IPsec cargo cult design. OK, using cargo cult design for a security protocol probably rates as an error, but the choice of exactly 96 bits was deliberate rather than the full size was deliberate. Peter. _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf