Document TLS 1.3 MVP limitation regarding MBEDTLS_USE_PSA_CRYPTO
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md
index 9e9aad3..722ac63 100644
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md
@@ -126,8 +126,11 @@
The TLS 1.3 MVP is compatible with all TLS 1.2 configuration options in the
sense that when enabling the TLS 1.3 MVP in the library there is no need to
- modify the configuration for TLS 1.2. Mbed TLS SSL/TLS related features are
- not supported or not applicable to the TLS 1.3 MVP:
+ modify the configuration for TLS 1.2. The MBEDTLS_USE_PSA_CRYPTO configuration
+ option is an exception though, the TLS 1.3 MVP is not compatible with it.
+
+ Mbed TLS SSL/TLS related features are not supported or not applicable to the
+ TLS 1.3 MVP:
| Mbed TLS configuration option | Support |
| ---------------------------------------- | ------- |
@@ -161,7 +164,7 @@
| MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED | n/a |
| | |
- | MBEDTLS_USE_PSA_CRYPTO | no |
+ | MBEDTLS_USE_PSA_CRYPTO | no (3) |
(1) Some support has already been upstreamed but it is incomplete.
(2) Key exchange configuration options for TLS 1.3 will likely to be