Casey Marshall wrote:
On Nov 15, 2006, at 5:02 PM, Mike wrote:I have a question regarding the truncated HMAC extension. When this extension is negotiated, the spec says that CipherSpec.hash_size is 10 bytes. So does that mean I should only generate 10 bytes for each MAC secret?From RFC 4366, section 3.5:"Note that this extension does not affect the calculation of the pseudo-random function (PRF) as part of handshaking or key derivation."
I saw that, but interpreted it to mean that the HMAC used in the PRF itself is not truncated. It is still unclear to me whether saying "CipherSpec.hash_size = 10" means that the MAC secrets should be 10 bytes. My implementation currently computes the MAC secrets the same whether HMAC truncation is specified or not. However, I think the spec. could be clarified to say that the secrets are not reduced to 10 bytes (if that's the intention). I suggest getting rid of the statement that CipherSpec.hash_size changes when the extension is used. Mike _______________________________________________ TLS mailing list TLS@xxxxxxxxxxxxxx https://www1.ietf.org/mailman/listinfo/tls