https://github.com/tlswg/tls13-spec/pull/201
I've finished up the WIPs I had been working on for the various discussions we've been having on-list and submitted a PR. There's a lot in there, so review and comments are welcome. Almost all of this has been discussed here at some point to some degree, though across more than a few different threads, and not necessarily in the detail in the PR. Main points: * More explicit alert expectations * Deprecate SHA-1 and allow as fallback only * Make signature_algorithms & supported_groups extensions mandatory (for applicable cipher suites) * Shift final decision to abort due to unsupported certificate chain to the client * Require SNI for application protocols for which it is meaningful (this was discussed a while ago) Dave _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls