On Thu, Jan 21, 2021 at 9:46 PM Martin Thomson <m...@lowentropy.net> wrote:
> In other words, each flag is treated just like an empty extension: you can > initiate an exchange with it, but you can only answer with it if it was > initiated with it. > > I agree that this is the correct guiding principle for handling flags. We should allow unsolicited flags in the same places we allow unsolicited extensions. Going by section 4.2 of RFC 8446, that would be ClientHello, CertificateRequest, and NewSessionTicket.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
