Currently the description of the extension states that only TLS versions can 
be listed in the extension and all unknown versions must be ignored.

I wonder if making it explicit that {3, 0} and any lower values MUST NOT be 
advertised wouldn't be a good idea, if only to hammer it that SSL3 must not be 
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Red Hat Czech s.r.o., Purky┼łova 99/71, 612 45, Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

TLS mailing list

Reply via email to