Description
Proposal:
Due to security concerns, neither AWS-LC nor BoringSSL supports "External PSK" (as defined here) in TLS 1.3.
This issue proposes the addition of a boolean property ssl.HAS_PSK_TLS13 to indicate whether the crypto library CPython is built against supports External PSK, allowing Python's test suite and consuming modules to branch accordingly.
This feature has precedent in the ssl.HAS_PSK and ssl.HAS_PHA flags indicating support (or lack thereof) for other TLS features that are not universally implemented across TLS libraries.
One Hard Thing: Naming Concerns
I'm not sure that HAS_PSK_TLS13 is the best name. While AWS-LC doesn't support "External PSKs" in TLS 1.3 (i.e. "PSK" is only used for session resumption), it does for earlier TLS versions. However, the "external" terminology established in RFC 9258 pertains specifically to TLS 1.3. So do we include EXTERNAL instead of TLS13 in the ssl module property name? My thought is "no" because it's somewhat imprecise.
A further complication is that AWS-LC does notionally support PSK in TLS 1.3, but only for session resumption (this is fine security-wise, as sessions can't span protocol versions). This makes the current suggestion of HAS_PSK_TLS13 somewhat disingenuous, as the PreSharedKeyExtension is indeed used.
Something like ssl.HAS_TLS13_EXTERNAL_PSK "feels" like an abomination, but is probably the most accurate. Anyway, I don't see a clear choice and am very open to suggestions.
Has this already been discussed elsewhere?
This is a minor feature, which does not need previous discussion elsewhere
Links to previous discussion of this feature:
Related changes to increase libcrypto/libssl compatibility (specifically with AWS-LC) have been discussed with the community here.
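
An added example, not part of the original issue or of CPython: one way a consuming module could branch on the proposed flag when building an external-PSK client context. The name `HAS_PSK_TLS13` is the one proposed above; the helper names and the choice to cap at TLS 1.2 when the flag is missing are assumptions of this sketch.

```python
import ssl

# Capability flags. HAS_PSK_TLS13 is the name proposed in this issue; an
# interpreter may not expose it, so a missing flag is read as "not supported"
# (assumption: the conservative default).
HAS_PSK = getattr(ssl, "HAS_PSK", False)
HAS_PSK_TLS13 = getattr(ssl, "HAS_PSK_TLS13", False)


def psk_max_version(has_psk, has_psk_tls13):
    """Return the highest TLS version on which an external PSK can be used."""
    if not has_psk:
        raise RuntimeError("TLS library was built without PSK support")
    if has_psk_tls13:
        return ssl.TLSVersion.TLSv1_3
    # The library only uses PSK in TLS 1.3 for session resumption, so an
    # external PSK has to be negotiated on TLS 1.2 or earlier.
    return ssl.TLSVersion.TLSv1_2


def make_psk_client_context(identity, key):
    """Build a client context that authenticates with an external PSK."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # The PSK authenticates both peers; no certificate is exchanged.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.maximum_version = psk_max_version(HAS_PSK, HAS_PSK_TLS13)
    # Offer PSK cipher suites for TLS 1.2 and below.
    ctx.set_ciphers("PSK")
    ctx.set_psk_client_callback(lambda hint: (identity, key))
    return ctx


if __name__ == "__main__":
    # Constructed identity and key, for illustration only.
    context = make_psk_client_context("client-1", bytes(32))
    print("external PSK offered up to", context.maximum_version.name)
```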