> On Sep 28, 2016, at 11:08 AM, Salz, Rich <[email protected]> wrote: > > >> C.2 Negotiating with an older client says, "If the >> "supported_versions" extension is present, the server MUST negotiate >> the highest server-supported version found in that extension." > > I agree that an appendix is the wrong place to put this. And that specifying > the client order is pointless. > > But I disagree with this being a MUST. There may be times when the server > knows more than the client and will know that a lower version is more > appropriate. E.g., interfering middleboxes or regulatory regimes.
Seems reasonable. How about making selection from the list (if the extension is present) a MUST and selecting the highest server-supported version is RECOMMENDED? Perhaps the second part is unnecessary. -- Stephen Checkoway _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
