-
Bug
-
Resolution: Unresolved
-
P5
-
None
-
8, 26
-
None
According to RFC 8446 section 4.2.8
"""
Clients can offer as many KeyShareEntry values as the number of
supported groups it is offering, each representing a single set of
key exchange parameters. For instance, a client might offer shares
for several elliptic curves or multiple FFDHE groups. The
key_exchange values for each KeyShareEntry MUST be generated
independently. Clients MUST NOT offer multiple KeyShareEntry values
for the same group. Clients MUST NOT offer any KeyShareEntry values
for groups not listed in the client's "supported_groups" extension.
Servers MAY check for violations of these rules and abort the
handshake with an "illegal_parameter" alert if one is violated.
"""
TLS does not currently verify these rules, although said verification is not required.
"""
Clients can offer as many KeyShareEntry values as the number of
supported groups it is offering, each representing a single set of
key exchange parameters. For instance, a client might offer shares
for several elliptic curves or multiple FFDHE groups. The
key_exchange values for each KeyShareEntry MUST be generated
independently. Clients MUST NOT offer multiple KeyShareEntry values
for the same group. Clients MUST NOT offer any KeyShareEntry values
for groups not listed in the client's "supported_groups" extension.
Servers MAY check for violations of these rules and abort the
handshake with an "illegal_parameter" alert if one is violated.
"""
TLS does not currently verify these rules, although said verification is not required.