Hubert Kario <[email protected]> writes: > On Saturday 01 August 2015 23:16:42 Florian Weimer wrote: >> * Hubert Kario: >> > On Tuesday 28 July 2015 16:01:55 Viktor Dukhovni wrote: >> >> In that case, it should be said that a client MUST NOT advertise >> >> TLS 1.3 unless it offers at least one of the TLS 1.3 MTI ciphers >> >> (or perhaps less restrictive at least one TLS 1.3 compatible cipher). >> > >> > MTI does not mean Mandatory To Enable >> >> Are you sure? That's extremely surprising. > > yes, I'm sure: > > per https://tools.ietf.org/html/rfc5246#page-65 > >>9. Mandatory Cipher Suites >> >> In the absence of an application profile standard specifying >> otherwise, a TLS-compliant application MUST implement the cipher >> suite TLS_RSA_WITH_AES_128_CBC_SHA (see Appendix A.5 for the >> definition).
I don't read anything about enable in deployments here? Having code implementing something does not prevent configuration (and even default settings) to disable something. /Simon
signature.asc
Description: PGP signature
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
