On 20/07/17 16:23, Paul Turner wrote:
>> I'd assert there's no way TLS clients in general could know when to
>> set or unset the "please wiretap me" evil bit in a ClientHello,
>> regardless of how complex a configuration is used.
>
>
> It seems like the guidance would be for all TLS clients to NOT
> include the extension by default. Anyone who wanted to enable it on
> their TLS client would have to explicitly turn it on through
> configuration. Since the client wouldn't include the extension and
> the server would know that the client would abort the connection if
> it included the extension in return (a violation of TLS 1.3), the
> server would simply proceed in killing the connection itself. It
> doesn't seem like there would be the need for complex configuration
> decisions to be made by TLS client users who have no intention of
> enabling it. Is that correct?

No. What's correct is never even defining this at all.

If you think there's some other correct state of affairs I will read the I-D you write describing that. (And then debunk it :-)

S.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls