Tiru > On 23 Sep 2020, at 11:50, tirumal reddy <kond...@gmail.com> wrote: > > Hi Ben, > > Please see inline > > On Tue, 22 Sep 2020 at 20:45, Ben Schwartz <bem...@google.com > <mailto:bem...@google.com>> wrote: > I'm not able to understand the new text in Section 6. Are you saying that > clients MUST include all the listed extensions/features, but MAY also include > extensions/features not listed in the MUD profile? So the MUD profile only > acts as a "minimum" set of features? > > Section 6 discusses the firewall behaviour when it sees a) known > extensions/features in a TLS session but not specified in the MUD profile b) > unknown extensions/features in a TLS session either specified or not > specified in the MUD profile c) updated MUD profile specifying > extensions/features not supported by the firewall. >
I think it would be good to step through a couple of example extensions that could be viewed both separately and together, and what the order of operations would look like in each case. Eliot
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls