[openssl-project] [TLS] Yet more TLS 1.3 deployment updates
tjh at openssl.org
Thu Jan 24 12:02:59 UTC 2019
On Thu, Jan 24, 2019 at 9:45 PM Matt Caswell <matt at openssl.org> wrote:
> > This notion of "handshake" is not supported by RFC 8446 uses the terms
> > handshake", "a handshake", and "post-handshake". "Post-handshake", in
> > particular, implies KeyUpdate are after the handshake, not part of it.
> I just don't agree with you here. About the best that can be said about
> in this regards is that the term handshake is overloaded. It certainly
> does mean
> "the initial handshake" in the way that you describe (and I myself use the
> to mean that). But it is *also* used in other contexts, such as "handshake
> messages" or "handshake protocol" where it is referring to things not
> necessarily constrained to the initial handshake.
I agree with Matt here - there is no such clear distinction made in RFC8446
- with "handshake" being used in *all *contexts.
If such a distinction was intended by the IETF WG then they failed to
achieve it in RFC8446 in numerous places.
Quoting RFC8446 ...
4.6.3. Key and Initialization Vector Update
The KeyUpdate *handshake message ...*
It doesn't help that it has 4.6 Post-Handshake Message section which states
"after the main handshake" also indicating that the handshake messages are
handshakes too - just not the "main handshake".
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-project