On 2 June 2016 at 08:56, Eric Rescorla wrote:
>> (Although, do we actually get the stronger protection if the client
>> accepts plain RSA key exchange? I've never been very clear on that.
>> Realistically, clients will be accepting plain RSA for a long while.)
>
>
> Yes, that's
An update to a meeting session request has just been submitted by Sean Turner,
a Chair of the tls working group.
-
Working Group Name: Transport Layer Security
Area Name: Security Area
Session Requester: spt
Number of Sessions: 1
Length
On Wed, Jun 1, 2016 at 6:43 PM Eric Rescorla wrote:
> 2% is actually pretty good, but I agree that we're going to need fallback.
>
> I'd be fine with moving the 8 bytes to the end, but I wonder if it would
> be better to
> instead have the *client* indicate its max version and the
2% is actually pretty good, but I agree that we're going to need fallback.
I'd be fine with moving the 8 bytes to the end, but I wonder if it would be
better to
instead have the *client* indicate its max version and the server check.
That would
have the advantage that it would leave more of the
In case folks hoped we could bump the ClientHello version without those
dreaded browser fallbacks, I have bad news. :-( 1.3 intolerance very much
exists. (Maybe we should just give up on ClientHello.version and use an
extension? Extensions have rusted less.)
I picked a large list of top sites and
A new meeting session request has just been submitted by Joseph A. Salowey, a
Chair of the tls working group.
-
Working Group Name: Transport Layer Security
Area Name: Security Area
Session Requester: J. Salowey
Number of Sessions: 1