- From: Tim Seaward <notifications@github.com>
- Date: Sat, 26 Aug 2017 17:09:30 +0000 (UTC)
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Saturday, 26 August 2017 17:09:55 UTC
My nagging thought here is, with the coming of TLS 1.3, will export material be available to clients in some programmable fashion? If so would this allow some "other" code that is reusing the connection to gain access to material that is potentially used to key/protect secret data? Would it basically make the "connection based" export key material "public" to anything running in the context? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/341#issuecomment-325147771
Received on Saturday, 26 August 2017 17:09:55 UTC