(This is probably already known to a bunch of people, but it's probably a good idea to put out there.)
When deploying EMS, we recently discovered, with the help of our friends at Google (who discovered this long before that) a quirk in some implementations. Short story: Don't place an empty extension at the end of your ClientHello. You will find that a small number of servers choke. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls