[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: Re: [TLS] Abbreviated Handshake != Renegotiated Handshake
From: Martin Rex <mrex () sap ! com>
Date: 2009-12-21 14:21:40
Message-ID: 200912211421.nBLELeiU012354 () fs4113 ! wdf ! sap ! corp
[Download RAW message or body]
Marsh Ray wrote:
>
> Ravi Ganesan wrote:
> >
> > But regardless even if there is something in existence called a
> > "renegotiated abbreviated handshake", I think the distinction between
> > 'abbreviated handshakes without renegoitation' which are very very
> > widely used should not be confused with 'renegotiated handshakes of any
> > kind'.
Ravi, your terminology is slightly confusing. Renegotiation refers
to a TLS handshake that is performed under protection of an existing
TLS session, so the two things you could distinguish are:
- renegotiation with a full handshake
- renegotiation with an abbreviated handshake (aka session resume)
>
> Nowhere in the draft does it talk about "abbreviated handshakes".
That might be considered a defect, because it is the terminology
established by RFC-5246 7.3 Handshake Protocol Overview, Figure 2
http://tools.ietf.org/html/rfc5246#page-37
>
> Whether or not a handshake is "abbreviated" has absolutely nothing to do
> with whether or not it is an initial or a renegotiation handshake.
Correct.
-Martin
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic