On Sun, Jun 19, 2022 at 08:38:26PM +0300, Ilari Liusvaara wrote:
> > Of course both EMS and EtM MUST be a MUST.
>
> I think EtM is only MUST if blockmode (CBC) cipher is supported. And
> clients SHOULD NOT send EtM if not sending any blockmode cipher suites
> (as it is not possible to
On Sun, Jun 19, 2022 at 09:16:48AM +, Peter Gutmann wrote:
> Yaron Sheffer writes:
>
> >Ben Kaduk asked why we only added TLS 1.2 Extended Master Secret
> >support as a SHOULD, and we tend to agree (given widespread support
> >of this feature) that is needs to be a MUST [1]. We would
Yaron Sheffer writes:
>Ben Kaduk asked why we only added TLS 1.2 Extended Master Secret support as a
>SHOULD, and we tend to agree (given widespread support of this feature) that
>is needs to be a MUST [1]. We would appreciate the group’s input before we
>make this change.
This, alongside MUST
