* Julien Pierre: > The whole TLS_FALLBACK_SCSV would be unnecessary if not for this > browser misbehavior - and I hope the IETF will reject it.
Technically, we still need the codepoint assignments from the IETF draft because of their widespread use, and that requires Standards Action, which means publication of a standards-track RFC. Although the RFC could simply say, "do not use these codepoints". (I think TLS_FALLBACK_SCSV is a mistake, too.) -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
