Steven Valdez <sval...@google.com> writes: > Confirming that BoringSSL is using a single API for early/regular data, > since we ran into issues/complications with our implementation of dual APIs > with our use cases.
I predict that those are exactly the places you're going to have later security incidents. In particular, the use case of fusing the early and regular data into a single stream is going to lead to problems like Triple Handshake. The history of APIs where some bits have different secrecy, freshness, or authentication than the rest says they all end up with bugs related to user assumptions that blur away the difference. -Brian -- Brian Sniffen <bsnif...@akamai.com> /(* Akamai - Faster Forward _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
