> For reference, the version field in the TLS premaster secret is not checked > by many servers, IIRC some of them have large market shares.
That’s good to know. It would be tempting to recommend that TLS 1.3 servers disable RSA (encryption) ciphersuites for all protocol versions, but I guess this is not likely to happen for backwards compatibility reasons? > > -- > Sincerely, > Yngve N. Pettersen > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
