RFR: 8277307: Pre shared key sent under both session_ticket and pre_shared_key extensions [v2]
Bradford Wetmore
wetmore at openjdk.java.net
Thu Jun 9 18:55:01 UTC 2022
On Thu, 2 Jun 2022 21:02:16 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> Session ticket extension should only contain pre-TLS1.3 stateless session tickets; it should not be used for sending TLS1.3 pre-shared keys.
>
> Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
>
> different check for TLS13
A little late to this review as it's already been pushed, but I would have suggested leaving the `return new SessionTicketSpec().getEncoded();` as it keeps the encapsulation more clear. Otherwise, it looks good.
-------------
PR: https://git.openjdk.org/jdk/pull/8922
More information about the security-dev
mailing list