Dear list, according https://tools.ietf.org/html/rfc6347#section-4.2.1
"The server_version field ... DTLS 1.2 server implementations SHOULD use DTLS version 1.0 regardless of the version of TLS that is expected to be negotiated. ... The server MUST use the same version number in the HelloVerifyRequest that it would use when sending a ServerHello. ... " For me that seems to be ambiguous. I checked two other implementations (openssl sends 1.0, mbedtls send 1.2) and it seems to be not clear there as well. So, which version should a "DTLS 1.2 only server" send in its HelloVerifyRequest? best regrads Achim Kraus _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
