On 11/01/2021 08:20, Benjamin Kaduk wrote:
> Current recommendations are not to use the finished message as the channel binding but instead to define a key exporter label for the given usage (see https://tools.ietf.org/html/rfc8446#section-7.5), using SSL_export_keying_material().

Follow-on question on SSL_export_keying_material() - what "label" should I supply?

I need to interwork with other implementations that are using SSL_get_finished() (client side) / SSL_get_peer_finished() (server side). Does that imply I should use "client finished" (per https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels ) as the label?

Does the label length for the SSL_export_keying_material() call include the terminating NUL or not?

-- 
Cheers,
  Jeremy
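
The exporter computation from RFC 8446 section 7.5, as an added example that is not part of the original thread and not OpenSSL's code: it shows that every label byte counted in the length feeds the derivation, so both peers must pass byte-identical labels. Assumptions: a SHA-256 cipher suite, a constructed `SAMPLE_SECRET` standing in for the exporter master secret, and a hypothetical `LABEL`.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256            # assumption: a SHA-256 cipher suite
HASH_LEN = HASH().digest_size


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446 section 7.1): info is the HkdfLabel struct."""
    full_label = b"tls13 " + label
    info = (struct.pack("!H", length)
            + bytes([len(full_label)]) + full_label
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)


def tls13_exporter(exporter_master_secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """TLS-Exporter(label, context_value, key_length), RFC 8446 section 7.5."""
    empty_hash = HASH(b"").digest()           # Derive-Secret(Secret, label, "")
    derived = hkdf_expand_label(exporter_master_secret, label, empty_hash, HASH_LEN)
    return hkdf_expand_label(derived, b"exporter", HASH(context).digest(), length)


# Constructed sample secret; a real one comes out of the handshake key schedule.
SAMPLE_SECRET = bytes(range(32))
# Hypothetical label, for illustration only.
LABEL = b"EXPORTER-example-channel-binding"


def compare_label_lengths() -> tuple:
    """Export with the label as-is and with a trailing NUL counted in its length."""
    plain = tls13_exporter(SAMPLE_SECRET, LABEL, b"", 32)
    with_nul = tls13_exporter(SAMPLE_SECRET, LABEL + b"\x00", b"", 32)
    return plain, with_nul


if __name__ == "__main__":
    plain, with_nul = compare_label_lengths()
    print("label only      :", plain.hex())
    print("label plus NUL  :", with_nul.hex())
    print("outputs match   :", hmac.compare_digest(plain, with_nul))
```
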