But still, RFC 4346 says the key_block is split as: > client_write_MAC_secret[SecurityParameters.hash_size] > server_write_MAC_secret[SecurityParameters.hash_size]i.e., "CipherSpec.hash_size" isn't used here. I think the intention is that only the final MAC value sent in the record is truncated, and nothing else. This is certainly how my implementation works.
Ok, so my implementation is correct then. I still think that the spec. could be clearer in stating that SecurityParameters. hash_size is not affected. Or change CipherSpec.hash_size to CipherSpec.mac_length to remove the confusion. Mike _______________________________________________ TLS mailing list TLS@xxxxxxxxxxxxxx https://www1.ietf.org/mailman/listinfo/tls