[openssl-users] session resumption tls1.2/tls1.3
Matt Caswell
matt at openssl.org
Wed Jul 19 09:27:45 UTC 2017
On 18/07/17 22:27, Neetish Pathak wrote:
> Hi ,
> thanks Matt, this is helpful
>
>
> One more query on how I can enable 0.5 RTT data from the server side. It
> is mentioned in TLS 1.3 specification. I thought it can be implemented
> by sending early data from server side after reading the early data.
That is correct, and is as documented on this page:
https://www.openssl.org/docs/manmaster/man3/SSL_write_early_data.html
> But then how can that data be read on the client side since
> read_early_data api is invalid on client side ?
0.5 RTT data is sent from the server to an unauthenticated client. At
this point in the process the server has sent all of its messages
(including its Certificate/CertificateVerify/Finished messages) but it
has not received the Client Finished or any client
Certificate/CertificateVerify if one is going to be sent.
>From the client's perspective 0.5 RTT data is received *after* it has
processed the server's Certificate/CertificateVerify/Finished messages),
and after it has sent its own Finished (and
Certificate/CertificateVerify if appropriate). In other words from the
client's perspective the server is fully authenticated and 0.5 RTT data
is indistinguishable from post-handshake data. Just use SSL_read() as
normal to receive it.
Matt
More information about the openssl-users
mailing list