On Jan 3, 2017, at 9:36 PM, Martin Thomson <martin.thom...@gmail.com> wrote:
> On 4 January 2017 at 12:02, Benjamin Kaduk <bka...@akamai.com> wrote: >> I also had the sense that ekr noted that we didn't want to do this in the >> core spec. >> So, could you point me more clearly at what you would want to change in the >> core spec that would allow doing the thing you want to see done in a future >> document? (Is it just removing "i.e., when a PSK is not in use"?) > > I for one am interested in having a mode that allows for PSK+cert, but > it's hard to reason through. It falls into the same bucket as > additive *server* authentication, which has the same inherent > problems. Foremost being a solid analysis. > > Mechanically, it is fairly simple to add as an extension. That makes > me confident that we can do this later. Mee too. At this point, the spec calls for the identity to come from the PSK or the certificate. I think there needs to be a hook in the document for the identity to come from a combination of the PSK and the certificate. I recognize this is a forward pointer to stuff that is not yet sorted out. Russ _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls