subject:"\[TLS\] draft\-ietf\-tls\-tls13\-24 supported

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-02 Thread Eric Rescorla

On Fri, Mar 2, 2018 at 12:21 AM, Nikos Mavrogiannopoulos wrote: > On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote: > > > > I believe you are misinterpreting the text, but agree that it could > > be > > made more clear. > > > > Suppose that the ClientHello includes a

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-02 Thread Nikos Mavrogiannopoulos

On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote: > > I believe you are misinterpreting the text, but agree that it could > be > made more clear. > > Suppose that the ClientHello includes a supported_versions > extensions > that contains two values, TLS 1.4 and TLS 1.0, and the server

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-01 Thread Eric Rescorla

On Thu, Mar 1, 2018 at 10:42 AM, David Benjamin wrote: > FWIW, this was BoringSSL's interpretation as well. We don't consider > supported_versions an acceptable TLS 1.2 (or earlier) ServerHello > extension. I generally agree that we shouldn't add new unnecessary >

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-01 Thread David Benjamin

FWIW, this was BoringSSL's interpretation as well. We don't consider supported_versions an acceptable TLS 1.2 (or earlier) ServerHello extension. I generally agree that we shouldn't add new unnecessary combinations. (TBH, I don't even consider the ability to advertise TLS 1.3 and TLS 1.1 on the

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-01 Thread David A. Cooper

I believe you are misinterpreting the text, but agree that it could be made more clear. Suppose that the ClientHello includes a supported_versions extensions that contains two values, TLS 1.4 and TLS 1.0, and the server supports TLS 1.3 and below. My interpretation of the current draft is

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-01 Thread Eric Rescorla

On Thu, Mar 1, 2018 at 5:24 AM, Nikos Mavrogiannopoulos wrote: > The TLS draft after version -21 requires TLS1.3 servers to negotiate > pre-TLS1.3 versions with a new, mechanism. The document states: > >"If this extension is present, servers MUST ignore the >

[TLS] draft-ietf-tls-tls13-24 supported_versions complexity

2018-03-01 Thread Nikos Mavrogiannopoulos

The TLS draft after version -21 requires TLS1.3 servers to negotiate pre-TLS1.3 versions with a new, mechanism. The document states: "If this extension is present, servers MUST ignore the ClientHello.legacy_version value and MUST use only the "supported_versions" extension to determine

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

Re: [TLS] draft-ietf-tls-tls13-24 supported_versions complexity

[TLS] draft-ietf-tls-tls13-24 supported_versions complexity

7 matches

Site Navigation

Mail list logo

Footer information