On Thu, Sep 8, 2016 at 12:04 PM, David Benjamin <david...@chromium.org> wrote:
> The major arguments against this change seem to be: > > 1. It’s inelegant to have two mechanisms. > 2. We should fix broken servers > There's also: 3. Implementors will find a way to screw this up, too. But if you follow through with your plan to have Chrome randomly add a really high version to the list to smoke out servers that fail when they see unsupported versions, it's plausible version intolerance could be in the noise next time around. If you time-limit that behavior for a particular version of Chrome (say, to a few months), you could even have it randomly add the next version or current version + 2 to the list to detect and report on selective next-version intolerance. I'd say this kind of failure mode is unlikely, but... Murphy's Law. Kyle
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls