On 20 October 2016 at 05:28, Eric Rescorla <e...@rtfm.com> wrote: >> 2. Are there cases, such as unrecognized name. where it is useful to >> indicate that an alert is not fatal? If so how should this case be handled? > > > I think this alert was a mistake :)
In NSS is to tolerate it, but it's an exception. I'm happier with a lone exception than with atrophied and redundant alert levels continuing as they are. I'd prefer to take the PR, with a minor amendment noting the hazard caused by unrecognized_name(112). Clients that intend to accept TLS 1.2 and lower probably have to ignore warning alerts until they see that the server is doing TLS 1.3 or higher. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
