session
Click on the red underlined text to get to the source
... client hello may be sent both when
starting a new session and when requesting session resumption.
Indeed, a client ...
... starting a new session and when requesting session resumption.
Indeed, a client that requests resumption of a session ...
... session resumption.
Indeed, a client that requests resumption of a session does not in
general know whether the server will accept this request, and
therefore it SHOULD send an extended client hello ...
... therefore it SHOULD send an extended client hello if it would
normally do so for a new session. In general the specification of
each extension type must include a discussion of the effect of the
...
... each extension type must include a discussion of the effect of the
extension both during new sessions and during resumed sessions.
...
... discussion of the effect of the
extension both during new sessions and during resumed sessions.
...
...
Note also that all the extensions defined in this section are
relevant only when a session is initiated. When a client includes
one or more of the defined extension types in an extended client
hello ...
... client includes
one or more of the defined extension types in an extended client
hello while requesting session resumption:
- If the resumption request is denied, the use of the extensions is
...
... negotiated as normal.
- If, on the other hand, the older session is resumed, then the
server MUST ignore the extensions and send a server hello
...
... containing none of the extension types. In this case, the
functionality of these extensions negotiated during the original
session initiation is applied to the resumed session.
...
... functionality of these extensions negotiated during the original
session initiation is applied to the resumed session.
Section 3.1 describes the extension of TLS ...
... application protocol. If the server_name is
established in the TLS session handshake, the client SHOULD NOT
...
... messages.
The negotiated length applies for the duration of the session
including session resumptions.
...
... The negotiated length applies for the duration of the session
including session resumptions.
The negotiated length limits the input that the record layer ...
... new cipher suites are added that do not use HMAC, and
the session negotiates one of these cipher suites, this extension
will have no effect. It is strongly recommended that any new cipher
suites ...
... other negotiated security parameters. Subsequently during the
session, clients and servers MUST use truncated HMACs, calculated as
...
... The negotiated HMAC truncation size applies for the duration of the
session including session resumptions.
...
... TLS, a single failed MAC guess will cause the
immediate termination of the TLS session.
Since the MAC algorithm ...
... truncated HMAC in the future, if either the
client or the server for a given session were updated to take the
problem into account, it would be able to veto use of this extension.
...