On Friday 03 June 2016 08:37:34 Nikos Mavrogiannopoulos wrote: > A simpler proposal is: > Consider TLS 1.3 as a feature, and negotiate it using an empty > extension. If the extension is present a server assumes TLS 1.3.
If anything, it should be this. Extension with version negotiation introduced because version negotiation is commonly gotten wrong doesn't look like a solution to me... That being said, I would prefer the solution to be a compliance test suite that checks if servers do handle correctly future versions, future extensions and future ciphersuites correctly. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls