Michael D'Errico [mailto:[email protected]] writes:
> Glen Zorn wrote: > > Section 3 says "TLS clients MUST NOT send SSL 2.0 CLIENT-HELLO > messages." > > and "TLS servers MUST NOT negotiate or use SSL 2.0" and later "TLS > servers > > that do not support SSL 2.0 MAY accept version 2.0 CLIENT-HELLO > messages as > > the first message of a TLS handshake for interoperability with old > clients." > > Taken together, I find these statements quite confusing, if not > outright > > self-contradictory. Maybe, a "However" might fix the problem, though: > > > > TLS servers MUST NOT negotiate or use SSL 2.0; however, TLS > servers > > MAY accept SSL 2.0 CLIENT-HELLO messages as the first message of a > > TLS handshake in order to maintain interoperability with legacy > > clients. > > Glen, > > There is no contradiction among the statements, but they may be > confusing (I > can't tell anymore since I've gone through the drafts several times). Maybe I just don't understand the word "use". It seems like if a server accepts a protocol message it's using the protocol... ... _______________________________________________ Ietf mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
