On 2018-03-19 at 22:14 +0100, Kristian Fiskerstrand wrote: > On 03/19/2018 10:08 PM, Phil Pennock wrote: > > Do we care? > > I'm tempted to say no..
Another point in favor of that: I'd forgotten that TLS1.3 moves certificate exchange to be protected by the session, so encrypted. Thus I suspect that we won't have SNI available for choosing TLS versions and ciphersuites until after TLS1.3 has already been negotiated. I could do something like bring up another IPv6 address with a listening server, but that would still need manual hacks in the pool-server software to even know that IP address is worthy of consideration. -Phil
signature.asc
Description: Digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel