Viktor:

> Are external PSKs applicable with resumption?

No. The external PSK is only used on the initial handshake.

Section 3.2 is pointing out that a Resumption PSK can also be used with a certificate. This is allowed under RFC 8446.

Russ

> On Nov 29, 2023, at 11:20 AM, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
>
> On Wed, Nov 29, 2023 at 10:49:42AM -0500, Russ Housley wrote:
>
>> People are implementing RFC 8773, so I would like to advance this to
>> the standards track. In addition, this fixes the only errata that was
>> posted against RFC 8773.
>
> I am somewhat confused by an apparent conflict between:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-8773bis-00#section-3.2
>
> which speaks of external PSK in the context of resumption, versus:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-tls-8773bis-00#section-5.1
>
>     The "pre_shared_key" extension is defined in Section 4.2.11 of
>     [RFC8446]. The syntax is repeated below for convenience. All of the
>     listed PSKs MUST be external PSKs. If a resumption PSK is listed
>     along with the "tls_cert_with_extern_psk" extension, the server MUST
>     abort the handshake with an "illegal_parameter" alert.
>
> Are external PSKs applicable with resumption, or not???
>
> --
> Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
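The Section 5.1 rule quoted in this thread, sketched as a server-side check. This is an added example, not part of the thread or of the draft; the function names and the `issued_tickets` set are hypothetical, and it assumes the server can recognise a resumption PSK by looking the identity up among the tickets it issued.

```python
import struct

EXT_TLS_CERT_WITH_EXTERN_PSK = 33  # RFC 8773
EXT_PRE_SHARED_KEY = 41            # RFC 8446
ALERT_ILLEGAL_PARAMETER = 47
ALERT_DECODE_ERROR = 50

def parse_psk_identities(body: bytes) -> list[bytes]:
    """Return the identities of an OfferedPsks structure (RFC 8446, 4.2.11)."""
    (total,) = struct.unpack_from("!H", body, 0)
    end = 2 + total
    if end > len(body):
        raise ValueError("identities vector overruns the extension")
    ids, pos = [], 2
    while pos < end:
        (n,) = struct.unpack_from("!H", body, pos)
        pos += 2
        if n == 0 or pos + n + 4 > end:
            raise ValueError("malformed PskIdentity")
        ids.append(body[pos:pos + n])
        pos += n + 4  # skip the uint32 obfuscated_ticket_age
    return ids

def alert_for_client_hello(extensions: dict[int, bytes], issued_tickets: set[bytes]):
    """Return the alert code to send, or None to continue the handshake."""
    if (EXT_TLS_CERT_WITH_EXTERN_PSK not in extensions
            or EXT_PRE_SHARED_KEY not in extensions):
        return None  # the rule applies only when both extensions are offered
    try:
        ids = parse_psk_identities(extensions[EXT_PRE_SHARED_KEY])
    except (ValueError, struct.error):
        return ALERT_DECODE_ERROR
    # Assumption: an identity found among issued tickets is a resumption PSK.
    if any(i in issued_tickets for i in ids):
        return ALERT_ILLEGAL_PARAMETER
    return None

def build_offered_psks(ids: list[bytes]) -> bytes:
    """Constructed sample input: identities plus one dummy 32-byte binder each."""
    idv = b"".join(struct.pack("!H", len(i)) + i + bytes(4) for i in ids)
    bnd = b"".join(b"\x20" + bytes(32) for _ in ids)
    return struct.pack("!H", len(idv)) + idv + struct.pack("!H", len(bnd)) + bnd

if __name__ == "__main__":
    tickets = {b"ticket-0001"}  # constructed ticket identity
    mixed = {33: b"", 41: build_offered_psks([b"extern-psk-A", b"ticket-0001"])}
    print(alert_for_client_hello(mixed, tickets))  # resumption PSK listed
```
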