On Fri, Mar 2, 2018 at 12:21 AM, Nikos Mavrogiannopoulos
wrote:
> On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote:
> >
> > I believe you are misinterpreting the text, but agree that it could
> > be
> > made more clear.
> >
> > Suppose that the ClientHello includes a
On Thu, 2018-03-01 at 10:49 -0500, David A. Cooper wrote:
>
> I believe you are misinterpreting the text, but agree that it could
> be
> made more clear.
>
> Suppose that the ClientHello includes a supported_versions
> extension
> that contains two values, TLS 1.4 and TLS 1.0, and the server
On Thu, Mar 1, 2018 at 10:42 AM, David Benjamin
wrote:
> FWIW, this was BoringSSL's interpretation as well. We don't consider
> supported_versions an acceptable TLS 1.2 (or earlier) ServerHello
> extension. I generally agree that we shouldn't add new unnecessary
>
FWIW, this was BoringSSL's interpretation as well. We don't consider
supported_versions an acceptable TLS 1.2 (or earlier) ServerHello
extension. I generally agree that we shouldn't add new unnecessary
combinations.
(TBH, I don't even consider the ability to advertise TLS 1.3 and TLS 1.1 on
the
I believe you are misinterpreting the text, but agree that it could be
made more clear.
Suppose that the ClientHello includes a supported_versions extension
that contains two values, TLS 1.4 and TLS 1.0, and the server supports
TLS 1.3 and below. My interpretation of the current draft is
On Thu, Mar 1, 2018 at 5:24 AM, Nikos Mavrogiannopoulos
wrote:
> The TLS draft after version -21 requires TLS1.3 servers to negotiate
> pre-TLS1.3 versions with a new mechanism. The document states:
>
> "If this extension is present, servers MUST ignore the
>
The TLS draft after version -21 requires TLS1.3 servers to negotiate
pre-TLS1.3 versions with a new mechanism. The document states:
"If this extension is present, servers MUST ignore the
ClientHello.legacy_version value and MUST use only the
"supported_versions" extension to determine