X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=doc%2Fman3%2FSSL_CTX_use_psk_identity_hint.pod;h=c8f7526610a8a56912ce5d0302f152c0daf23039;hb=8bf366519661e12fd894dc5420f5b64dccfd7ecd;hp=2b2bc3e20dd15916e226f84a0ff11df52e6a7da2;hpb=b0edda11cbfe91e8b99b09909a80a810d0143891;p=openssl.git

diff --git a/doc/man3/SSL_CTX_use_psk_identity_hint.pod b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
index 2b2bc3e20d..c8f7526610 100644
--- a/doc/man3/SSL_CTX_use_psk_identity_hint.pod
+++ b/doc/man3/SSL_CTX_use_psk_identity_hint.pod
@@ -123,6 +123,16 @@ completely.
 The B<SSL_psk_find_session_cb_func> callback should return 1 on success or 0 on
 failure. In the event of failure the connection setup fails.
 
+=head1 NOTES
+
+There are no known security issues with sharing the same PSK between TLSv1.2 (or
+below) and TLSv1.3. However the RFC has this note of caution:
+
+"While there is no known way in which the same PSK might produce related output
+in both versions, only limited analysis has been done.  Implementations can
+ensure safety from cross-protocol related output by not reusing PSKs between
+TLS 1.3 and TLS 1.2."
+
 =head1 SEE ALSO
 
 L<SSL_CTX_set_psk_use_session_callback(3)>,