RFR 8206929: Check session context for TLS session resumption
Xuelei Fan
xuelei.fan at oracle.com
Mon Jul 16 19:04:07 UTC 2018
On 7/16/2018 10:38 AM, Adam Petcher wrote:
> Note that the relationship between sessions/PSKs and cipher suites is
> different in TLS 1.2 vs 1.3. In TLS 1.3, the cipher suite doesn't need
> to match---only the hash algorithm needs to match.
I did not get your point. Would you mind describe it more?
Xuelei
> We can make our
> implementation more permissive in the future, but for now, checking
> cipher suites is simpler.
More information about the security-dev
mailing list