I didn't notice in the -15 draft anything explicitly prohibiting sending a TLSv1.3 Client Hello inside established TLSv1.x connection (where x < 3).
Is this something that the protocol should allow? If yes, renegotiation_info extension status would probably need to be updated. If not, then I think the document should be a bit more explicit about it. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
