> On 27 Jan 2020, at 05:46, Joseph Salowey <[email protected]> wrote: > > [Joe] THis is not the only the derivation could be interpreted. The null > after the label and the inclusion of the length are part of RFC 8295 and not > the TLS PRF. To fix this errata I think we should define the TLS-PRF to be > P_<hash> with a length parameter for TLS 1.2 and then use the definitions > above that explicitly define the 3 inputs. TLS 1.3 defines the PRF in terms > of HKDF extract and expand functions from RFC 5869 so there would need to be > some mapping to 1.3 as well.
So… I’m not sure we can deal with 1.3 in an erratum, but we sure as heck shouldn’t make it harder later. I think what you are suggesting matches the OpenSSL call as well, which is where much of this derives from.
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
