RE: [TLS] Issue 49: Finished.verify length
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [TLS] Issue 49: Finished.verify length
Bodo Moeller wrote:
> > My suggestion was *not* to increase the current length, but rather
> > to add "agility" for this parameter as well (so that we don't
> > need to revisit the TLS base spec if, e.g., some future cipher
> > suite wants to have all the pieces at 256-bit level).
>
> OK, this makes perfect sense! The question as cited here was,
> should the verify_data length depend *on the PRF*. It shouldn't;
> but that doesn't mean we can't allow individual ciphersuites to
> specify their preferred verify_data lengths.
The PRF depends on the ciphersuite, so having the verify_data length
depend on the PRF (or in other words: specifying the verify_data
length at the same place as the PRF) would be one relative simple
approach.
(But we could allow different ciphersuites using the same PRF
to use different verify_data lengths as well)
Best regards,
Pasi
_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
