Currently the description of the extension states that only TLS versions can 
be listed in the extension and all unknown versions must be ignored.

I wonder if making it explicit that {3, 0} and any lower values MUST NOT be 
advertised wouldn't be a good idea, if only to hammer it that SSL3 must not be 
used.
-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 99/71, 612 45, Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to