[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] =?utf-8?b?wqBFeHRlbnNpb25zwqBhbmTCoHNlc3Npb27CoHJlc3VtcHRp?==?utf-8?q?on?=

To: =?utf-8?q?Mike=C2?= <mike-list@xxxxxxxxx>
Subject: Re: [TLS] =?utf-8?b?wqBFeHRlbnNpb25zwqBhbmTCoHNlc3Npb27CoHJlc3VtcHRp?==?utf-8?q?on?=
From: badra@xxxxxxxx
Date: Sat, 3 May 2008 13:09:03 +0200 (CEST)
Cc: tls@xxxxxxxx
Delivered-to: tls@xxxxxxxxxxxxxx
Importance: Normal
In-reply-to: <481C40CF.6060708@xxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <481C40CF.6060708@xxxxxxxxx>
Sender: tls-bounces@xxxxxxxx
User-agent: SquirrelMail/1.4.2

> It's late, so I might be missing something, but I
> can't find any information about what clients and
> servers should put into hello extensions when they
> intend to resume a previous session.


In [RFC4366] section 3:

      If the resumption request is denied, the use of the extensions is
      negotiated as normal.

      If, on the other hand, the older session is resumed, then the
      server MUST ignore the extensions and send a server hello
      containing none of the extension types.  In this case, the
      functionality of these extensions negotiated during the original
      session initiation is applied to the resumed session.


> My code wants at least the server name extension
> to be in the client hello in order for the server
> to easily find the cached session (since you can
> set up multiple session caches).  But it also makes
> some sense to require the inclusion of truncated
> HMAC, for example.

I think this is not possible with the current specifications (the *MUST*
in the text above). Instead, this could be done using a local mapping.

Best regards,
Badra
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] =?utf-8?b?wqBFeHRlbnNpb25zwqBhbmTCoHNlc3Npb27CoHJlc3VtcHRp?==?utf-8?q?on?=
  - From: Pasi.Eronen
- Re: [TLS] Extensions and session resumption
  - From: Mike
- Re: [TLS] Extensions and session resumption
  - From: Eric Rescorla

References:
- [TLS] Extensions and session resumption
  - From: Mike

Prev by Date: [TLS] Extensions and session resumption
Next by Date: Re: [TLS] Extensions and session resumption
Previous by thread: [TLS] Extensions and session resumption
Next by thread: Re: [TLS] Extensions and session resumption
Index(es):
- Date
- Thread