Hi Trevor,

On 06/20/2014 12:24 AM, Trevor Freeman wrote:
> The TLS BCP does not specify any TLS extensions and it must do so to be
> a BCP.

> If you are implementing any of the EC cipher suites then the
> elliptic_curves and ec_point_formats extensions would be a MUST support
RFC 4492 specifies the MUST/SHOULD status for these extensions. I don't think we should be repeating or overriding that.

> SNI really should be a MUST support.

I'm all in favor of using SNI. But as far as the draft goes, I believe this is an operational decision, and so we should not include such a recommendation.


> renegotiation_info another MUST support

Agree.

> SessionTicket TLS is a SHOULD support.

Session resumption is an implementation choice: a server can elect to use stateful or stateless resumption, or to not do it at all. We only discuss its effect on security.

Thanks,
        Yaron


> Trevor


_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta