Encourage greasing PSK. Fixes #606 (#610)

tlswg · Mar 4, 2024 · dca0d9e · dca0d9e
1 parent 1ed98b5
commit dca0d9e
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/draft-ietf-tls-esni.md b/draft-ietf-tls-esni.md
@@ -707,8 +707,9 @@ in the ClientHelloInner. In this case, when resuming a session with the client,
 the backend server sends a "pre_shared_key" extension in its ServerHello. This
 would appear to a network observer as if the server were sending this
 extension without solicitation, which would violate the extension rules
-described in {{RFC8446}}. Sending a GREASE "pre_shared_key" extension in the
-ClientHelloOuter makes it appear to the network as if the extension were
+described in {{RFC8446}}. When offering a PSK in ClientHelloInner,
+Clients SHOULD sending a GREASE "pre_shared_key" extension in the
+ClientHelloOuter to make it appear to the network as if the extension were
 negotiated properly.
 
 The client generates the extension payload by constructing an `OfferedPsks`