In this TLS1.3 "MUST" discussion, I don't understand what an: "additional, non-default option"
This in section 4. It then says:
If the application is using a TLS implementation that supports this,
and if it knows that the TLS implementation will use the highest
version supported, then clients SHOULD specify just the minimum
version they want. This MUST be TLS 1.3 or TLS 1.2, depending on the
circumstances described in the above paragraphs.
* How does a client know if there were deployment considerations on the server?
* If we know (at protocol development time) that there are deployment
considerations, what are we supposed to write?
Finally, how is:
"You MUST Unless you can't"
not literally what SHOULD is.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Uta mailing list -- [email protected] To unsubscribe send an email to [email protected]
