Sorry for the confusion I caused. HKDF is part of SP 800-56C. NIST says that what TLS 1.3 does isn't quite the same, and therefore will not be covered by 56C. NIST wants to get TLS 1.3 validated for FIPS, and is currently trying to figure out how to do so. The comment period for 56C closes Friday, and getting the TLS 1.3 KDF accepted into that is one way to get TLS 1.3 into FIPS.
Hope this helps clear things up. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls