Hi folks, During auth48 I noted the following commit: https://github.com/tlswg/tls13-spec/commit/81b7ebb15bfe1ace62067cfd9e513d8c993c6ce5 which adds the requirement that the server receive psk_key_exchange_modes before it can send NST.
At any time after the server has received **both a "psk_key_exchange_modes" extension and** the client Finished message, it MAY send a NewSessionTicket message. The previous text was a bit vague on this, saying: restricts the modes for use with PSK resumption. Servers SHOULD NOT send NewSessionTicket with tickets that are not compatible with the advertised modes; however, if a server does so, the impact will just be that the client's attempts at resumption fail. You could read this as you shouldn't send NST unless the client indicated some modes, and so I think this change is good in theory, but I wanted to double check that nobody's implementation would somehow be broken up by this.... -Ekr
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
