Hi Thom, Many thanks for clarification. Another small clarifying question inline:
On 19.11.25 06:36, Thom Wiggers wrote:
And indeed, what applies to the Main Secret applies to the other “internal” keys just as well.
By "internal keys" you mean all the keys in the TLS 1.3 key schedule except for "exporter value" as defined in Sec. 7.5 of RFC8446bis, right?
In other words, the set of "/external/ keys" would have just two keys: 1. "early" exporter value (which takes only ClientHello from handshake) 2. Exporter value (which takes up to ServerFinished from handshake) -Usama
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
