On 12/21/2015 01:41 PM, Hubert Kario wrote: > if the rekey doesn't allow the application to change authentication > tokens (as it now stands), then rekey is much more secure than > renegotiation was in TLS <= 1.2
You still have the added complexity that during rekey, you need to temporarily switch from mere sending or receiving to at least half-duplex interaction. Florian _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls