Currently the description of the extension states that only TLS versions can be listed in the extension and all unknown versions must be ignored.
I wonder if making it explicit that {3, 0} and any lower values MUST NOT be
advertised wouldn't be a good idea, if only to hammer it that SSL3 must not be
used.
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
