Hi all,

we have just submitted a draft that extends the key update functionality of TLS/DTLS 1.3. We call it the "extended key update" because it performs an ephemeral Diffie-Hellman as part of the key update.

The need for this functionality surfaced in discussions in a design team of the TSVWG. The need for it was, however, already discussed years ago on the TLS mailing list in the context of long-lived TLS connections in industrial IoT environments.

Unlike the TLS 1.3 Key Update message, which is a one-shot message, the extended Key Update message requires a full round trip.

Here is the link to the draft:
https://datatracker.ietf.org/doc/draft-tschofenig-tls-extended-key-update/

I am curious what you think.

Ciao
Hannes
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls