RFR: 8277307: Pre shared key sent under both session_ticket and pre_shared_key extensions [v2]
Sean Coffey
coffeys at openjdk.java.net
Fri Jun 3 08:52:48 UTC 2022
On Thu, 2 Jun 2022 21:02:16 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> Session ticket extension should only contain pre-TLS1.3 stateless session tickets; it should not be used for sending TLS1.3 pre-shared keys.
>
> Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
>
> different check for TLS13
Looks good to me
-------------
Marked as reviewed by coffeys (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/8922
More information about the security-dev
mailing list