RFC Errata
RFC 8446, "The Transport Layer Security (TLS) Protocol Version 1.3", August 2018
Source of RFC: tls (sec)
Errata ID: 7003
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Ben Smyth
Date Reported: 2022-06-22
Section 4.6.1. says:
At any time after the server has received the client Finished message, it MAY send a NewSessionTicket message.
It should say:
At any time after the server has received both a "psk_key_exchange_modes" extension and a Finished message, it MAY send a NewSessionTicket message.
Notes:
Section 4.2.9. demands
In order to use PSKs, clients MUST also send a "psk_key_exchange_modes" extension.
Hence, an additional restriction is needed in Section 4.6.1.