emu-wg / rfc7170bis

Revision to RFC 7170 TEAP

Revert some changes in IMSK derivation for RFC 7170 compatibility. #27

h-vn closed 1 year ago

h-vn commented 1 year ago

Revert a change in commit https://github.com/emu-wg/rfc7170bis/commit/69a883ef2d95a7c817a13c275d84f367e4d6b1a4 where MSK was also passed to TLS-PRF during IMSK derivation. This would break compatibility with RFC 7170 and existing implementations.

Note that the above commit by itself does not immediately cause a problem. When combined with the commit below, TLS-PRF(EMSK[j] ...) gets changed to TLS-PRF(secret, ...) where 'secret' would also include MSK.

Revert a change in commit https://github.com/emu-wg/rfc7170bis/commit/44f8a758ceb785fec398503a5aab31a8c8cfba30 where EMSK was also adjusted to 32-octet length. RFC 7170 passes unadjusted EMSK to TLS-PRF and any adjustments would break compatibility with RFC 7170 and existing implementations.

Clarify text in the case where there's no EMSK or MSK and the IMSK must be set to 32 zero-bit octets.
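
An added illustration, not part of this pull request or the draft: it contrasts the RFC 7170-compatible derivation with a model of the reverted text to show why the two sides of a TEAP exchange would derive different IMSKs. The label, the seed encoding, the SHA-256 PRF, the MSK fallback and the sample keys are assumptions that do not come from this page.

```python
import hashlib
import hmac

LABEL = b"TEAPbindkey@ietf.org"             # assumed label (not on this page)
SEED = b"\x00" + (64).to_bytes(2, "big")    # assumed seed: 0x00 | 0x00 | 0x40
IMSK_LEN = 32

def tls_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (P_SHA256, RFC 5246); the choice of SHA-256 is an assumption."""
    data = label + seed
    a, out = data, b""
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + data, hashlib.sha256).digest()
    return out[:length]

def fit32(key: bytes) -> bytes:
    """Truncate or zero-pad a key to exactly 32 octets."""
    return key[:IMSK_LEN].ljust(IMSK_LEN, b"\x00")

def imsk_compatible(emsk: bytes = b"", msk: bytes = b"") -> bytes:
    """Behaviour the PR restores: unadjusted EMSK into TLS-PRF, MSK kept out of it."""
    if emsk:
        return tls_prf(emsk, LABEL, SEED, 64)[:IMSK_LEN]
    if msk:
        return fit32(msk)           # assumed RFC 7170 fallback: MSK used directly
    return bytes(IMSK_LEN)          # no EMSK and no MSK: 32 zero octets

def imsk_reverted_draft(emsk: bytes = b"", msk: bytes = b"") -> bytes:
    """Model of the reverted text: a 32-octet 'secret' (EMSK or MSK) into TLS-PRF."""
    if not (emsk or msk):
        return bytes(IMSK_LEN)
    return tls_prf(fit32(emsk or msk), LABEL, SEED, 64)[:IMSK_LEN]

# Constructed sample keys, not real key material.
EMSK = bytes(range(64))
MSK = bytes(range(100, 164))

if __name__ == "__main__":
    for name, kw in (("EMSK", {"emsk": EMSK}), ("MSK only", {"msk": MSK})):
        print(name, imsk_compatible(**kw).hex(), imsk_reverted_draft(**kw).hex())
```
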

alandekok commented 1 year ago

Barring one nit, I think this looks good.