We now have DTLS 1.3 implemented in NSS, which went pretty cleanly. The one thing we ran into was the potential need to ACK in cases where you can't process *any* records (e.g., you receive what's actually EE, but you can't decrypt it). In this case, you want to send an empty ACK.
See PR: https://github.com/tlswg/dtls13-spec/pull/14 This will be going into -02 modulo big objections. -Ekr
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
