TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f164b6a7ff940ff0501ce06045a97f96146d3d55^! / . / docs / architecture / tls13-experimental.md
commitf164b6a7ff940ff0501ce06045a97f96146d3d55[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Mon Sep 27 15:36:29 2021 +0200
committerRonald Cron <ronald.cron@arm.com>Mon Sep 27 15:48:09 2021 +0200
tree6a5519485ac044b79782dad31c81b18e078829ad
parent847c3580b8e2f25e724395e748914c8b024237b6 [diff] [blame]
Add an overview section

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md
index 481caef..5421492 100644
--- a/docs/architecture/tls13-experimental.md
+++ b/docs/architecture/tls13-experimental.md

@@ -71,12 +71,34 @@
 MVP definition
 --------------
 
-The TLS 1.3 MVP implements only the client side of the protocol.
-The TLS 1.3 MVP does not support the handling of server HelloRetryRequest and
-CertificateRequest messages. If it receives one of those messages, it aborts
-the handshake with an handshake_failure closure alert and the
-`mbedtls_ssl_handshake()` returns in error with the
-`MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` error code.
+- Overview
+
+  - The TLS 1.3 MVP implements only the client side of the protocol.
+
+  - The TLS 1.3 MVP supports ECDHE key establishment.
+
+  - The TLS 1.3 MVP does not support DHE key establishment.
+
+  - The TLS 1.3 MVP does not support pre-shared keys, including any form of
+    session resumption. This implies that it does not support sending early
+    data (0-RTT data).
+
+  - The TLS 1.3 MVP supports the authentication of the server by the client
+    but does not support authentication of the client by the server. In terms
+    of TLS 1.3 authentication messages, this means that the TLS 1.3 MVP
+    supports the processing of the Certificate and CertificateVerify messages
+    but not of the CertificateRequest message.
+
+  - The TLS 1.3 MVP does not support the handling of server HelloRetryRequest
+    message. In practice, this means that the handshake will fail if the MVP
+    does not provide in its ClientHello the shared secret associated to the
+    group selected by the server for key establishement. For more information,
+    see the comment associated to the `key_share` extension below.
+
+  - If the TLS 1.3 MVP receives a HelloRetryRequest or a CertificateRequest
+    message, it aborts the handshake with an handshake_failure closure alert
+    and the `mbedtls_ssl_handshake()` returns in error with the
+    `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` error code.
 
 - Supported cipher suites: depends on the library configuration. Potentially
   all of them: