Open Bug 1256137 Opened 8 years ago Updated 2 years ago

Expose true cipher suite for resumption-PSK

Categories

(NSS :: Libraries, defect, P3)

Tracking

(firefox48 affected)

Tracking Status
firefox48 --- affected

People

(Reporter: ekr, Unassigned)

Details

NSS's current API behavior with resumption is to expose a cipher suite that matches the original handshake (e.g., ECDHE even though the resumption doesn't do a fresh key exchange). We continue that behavior with resumption-PSK in TLS 1.3, but it would be nice to expose the true information as well. Note that because we require the same symmetric algorithms, the variance for TLS 1.3 is the same as with TLS 1.2.
Priority: -- → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.