- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Mon, 3 Nov 2014 14:18:46 -0800
- To: Michael Sweet <msweet@apple.com>
- Cc: Roland Zink <roland@zinks.de>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 3 November 2014 12:49, Michael Sweet <msweet@apple.com> wrote: > Based on the TLS mailing list discussion, it sounds like there is serious consideration of keeping the PSK suites, which as I understand it do not support AEAD (but I am not a TLS expert, so I could easily be mistaken...) AEAD is record protection; PSK is for key exchange. These are orthogonal. The questions related to PSK relate to their interaction with foward-secrecy-capable key exchange (which the 1.3 draft currently assumes is the only form of full handshake) and with renegotiation (since Karthik noted that PSK is currently interchangeable with renegotiation in many cases).
Received on Monday, 3 November 2014 22:19:13 UTC