> On Apr 18, 2018, at 10:12 AM, Andy Polyakov <ap...@openssl.org> wrote:
>
> With this in mind, wouldn't it be more
> appropriate to simply not offer 1.3 capability if application didn't
> provide input for SNI?
That's what Rich suggested, and it makes sense, but what does not make any
sense to me is what Google is doing. Snatching defeat from the jaws of victory
by needlessly forcing clients to downgrade to TLS 1.2. Is there a
justification for this?
--
Viktor.
_______________________________________________
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project
