Document that we do not implement the anti-replay defenses Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 1987a7c0681f9c307daa4239fdea01963bbd6c28 [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Thu Mar 14 19:05:26 2024 +0100
committer: Ronald Cron <ronald.cron@arm.com> Fri Mar 15 10:46:04 2024 +0100
tree: 86fed4a4d12e30c2d82f085fbbeb45413f396de2
parent: d514d9c7988c39e04b3a802cd0b1ee4051b6b1c2 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 39bea79..3a0800b 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -5224,6 +5224,11 @@
  *                   same warnings apply to any use of the
  *                   early_exporter_master_secret.
  *
+ *                 Mbed TLS does not implement one of the anti-replay defenses
+ *                 defined in section 8 of the TLS 1.3 specification:
+ *                 single-ticket use or ClientHello recording within a given
+ *                 time window.
+ *
  * \note           This function is used in conjunction with
  *                 mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(),
  *                 mbedtls_ssl_read() and mbedtls_ssl_write() to read early
commit	1987a7c0681f9c307daa4239fdea01963bbd6c28	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Thu Mar 14 19:05:26 2024 +0100
committer	Ronald Cron <ronald.cron@arm.com>	Fri Mar 15 10:46:04 2024 +0100
tree	86fed4a4d12e30c2d82f085fbbeb45413f396de2
parent	d514d9c7988c39e04b3a802cd0b1ee4051b6b1c2 [diff] [blame]