NewSessionTicket always includes in-handshake client auth. The resumption secret can't even be derived without it.
On Tue, Feb 14, 2017 at 10:21 AM David Wong <davidwong.cry...@gmail.com> wrote: > I can see this problem even in the case where the client sends an empty > Certificate message during the handshake. If the application does not tell > the client what happened, a NewSessionTicket has no way of indicating if it > will include client-auth in the next session. > > David > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls