Hmmm... I think it probably goes in this draft, but I'm open to being wrong.
On Thu, Dec 3, 2020 at 12:46 PM Salz, Rich <rs...@akamai.com> wrote:

> - I'm not sure if it's ever been written down anywhere (probably should be...), but I think resumption is pretty much universally interpreted as authenticating as the identities presented over the original connection, client and server. That means that, independent of this draft, the client should only offer a session if it is okay with both accepting the original server identity, and presenting the original client identity. (Analogously, HTTP connection reuse reuses TLS handshake-level decisions, so you have to be okay with that decision to reuse the connection.)
>
> Totally agree. @ekr, you want to make this change in your BIS draft?
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
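
The rule in the quoted message, sketched as an added example (not code from the thread or from any TLS library): a client-side cache that records the identities authenticated on the original handshake and offers a session only when the caller would still accept that server identity and still present that client identity. The class, field and callback names are hypothetical, and the identity strings are constructed.

```python
# Added illustration; every name here is hypothetical, not a TLS library API.
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass(frozen=True)
class CachedSession:
    ticket: bytes                    # opaque resumption ticket (constructed)
    server_identity: str             # identity the server presented originally
    client_identity: Optional[str]   # client identity presented, None if none


class ResumptionCache:
    def __init__(self) -> None:
        self._by_host: Dict[str, CachedSession] = {}

    def store(self, host: str, session: CachedSession) -> None:
        self._by_host[host] = session

    def session_to_offer(
        self,
        host: str,
        accepts_server: Callable[[str, str], bool],
        may_present: Callable[[str, Optional[str]], bool],
    ) -> Optional[CachedSession]:
        """Return a cached session only if resuming it matches current policy.

        accepts_server(host, identity): would the caller accept this server
        identity on a fresh handshake to host?
        may_present(host, identity): is the caller willing to authenticate to
        host as this client identity (None means no client authentication)?
        """
        session = self._by_host.get(host)
        if session is None:
            return None
        # Resumption re-authenticates the server as its original identity.
        if not accepts_server(host, session.server_identity):
            return None
        # Resumption re-presents the original client identity.
        if not may_present(host, session.client_identity):
            return None
        return session   # otherwise the caller does a full handshake
```
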