path: root/doc/man3/SSL_CTX_use_psk_identity_hint.pod
diff options
authorJung-uk Kim <jkim@FreeBSD.org>2020-09-22 14:27:08 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2020-09-22 14:27:08 +0000
commit92f02b3b0f21350e7c92a16ca9b594ad7682c717 (patch)
tree00444fe1520f87a0f22770b5c0be936737fb2179 /doc/man3/SSL_CTX_use_psk_identity_hint.pod
parent65aa3028e51cba07879f3dc4608949c5c6b9fcc0 (diff)
Import OpenSSL 1.1.1h.vendor/openssl/1.1.1h
Notes: svn path=/vendor-crypto/openssl/dist/; revision=365997 svn path=/vendor-crypto/openssl/1.1.1h/; revision=365998; tag=vendor/openssl/1.1.1h
Diffstat (limited to 'doc/man3/SSL_CTX_use_psk_identity_hint.pod')
1 files changed, 5 insertions, 3 deletions
diff --git a/doc/man3/SSL_CTX_use_psk_identity_hint.pod b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
index 0957ade5e106..b39fc09169ac 100644
--- a/doc/man3/SSL_CTX_use_psk_identity_hint.pod
+++ b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
@@ -83,7 +83,9 @@ via SSL_CTX_set_psk_find_session_callback() or SSL_set_psk_find_session_callback
and it will use that in preference. If no such callback is present then it will
check to see if a callback has been set via SSL_CTX_set_psk_server_callback() or
SSL_set_psk_server_callback() and use that. In this case the handshake digest
-will default to SHA-256 for any returned PSK.
+will default to SHA-256 for any returned PSK. TLSv1.3 early data exchanges are
+possible in PSK connections only with the B<SSL_psk_find_session_cb_func>
+callback, and are not possible with the B<SSL_psk_server_cb_func> callback.
=head1 NOTES
@@ -126,7 +128,7 @@ failure. In the event of failure the connection setup fails.
=head1 NOTES
There are no known security issues with sharing the same PSK between TLSv1.2 (or
-below) and TLSv1.3. However the RFC has this note of caution:
+below) and TLSv1.3. However, the RFC has this note of caution:
"While there is no known way in which the same PSK might produce related output
in both versions, only limited analysis has been done. Implementations can
@@ -145,7 +147,7 @@ were added in OpenSSL 1.1.1.
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy