On Wed, Feb 14, 2018 at 4:07 AM, Kathleen Moriarty <kathleen.moriarty.i...@gmail.com> wrote: > What's the behavior when the middlebox is a proxy, let's say existing > a managed network? I presume from from section 3.1 that this > negotiation doesn't work in that instance unless sites configured for > this are not subject to the proxy as is often done for financial site > access from corporate networks. It would be good to know if it does > work and that is addressed with the text Mirja calls out for her #1 > question. Having this clarified could be helpful.
If there is a MitM, then this extension simply isn't negotiated. That's pretty well understood. I don't see why that requires special mention. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls