Hi.
See this PR: https://github.com/tlswg/tls-flags/pull/5
<https://github.com/tlswg/tls-flags/pull/5>
The PR is for clarifying what TLS messages may carry the flags extension. So
any message that can carry an extension, can carry a flags extension (if there
are flags defined for that message). These are:
ClientHello
ServerHello
EncryptedExtensions
Certificate
CertificateRequest
HelloRetryRequest
NewSessionTicket
All except the first are Server-side.
The controversy is about unsolicited flags. An unsolicited flag is a flag that
is set in a Flags extension in a server-side message without having been first
declared in the ClientHello extension.
There is no controversy about flags in ServerHello and EncryptedExtensions.
Those cannot have unsolicited flags, because both messages are responses to the
ClientHello.
The question is about the other messages. especially the NST and CR.
What do other think?
Yoav
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls