Internal key escrow is a REASONABLE THING TO WANT. But it is not a reasonable thing to stall TLS 1.3 on.
Really? OOB PSK with no DH works, makes sense, but resume? KX alg would change across the sessions, which would be bizarrely tolerant.
Allowed and supported. Lets servers opt out of expensive public key ops during resumption.
Seems insane on two fronts: 1/ It's incompatible with a best practice for resume: negotiate as normal and only resume if all params match.