Hal Murray <[email protected]>:
>
> Eric:
> > I'm not seeing anything in that 'graph which would ever *require* you to
> > disable down-version TLS. The last normative is a MAY, not a MUST.
>
> It starts with:
> > Implementations MUST NOT negotiate TLS versions earlier than 1.2,
> so we have to do something.
Sorry, didn't mean to suggest otherwise.
> I think we should specify a min version of 1.2
Agreed.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
_______________________________________________
devel mailing list
[email protected]
http://lists.ntpsec.org/mailman/listinfo/devel
