Kurt Roeckx <k...@roeckx.be> wrote:
> So I guess you're also saying that a server that implements TLS
> 1.1 to TLS 1.3, but disables TLS 1.2 and TLS 1.3 support should
> ignore the supported_versions even when it knows about it?
>
> I guess I have the same questions but with only TLS 1.3 disabled, to
> be sure when we need to look at it.
From the perspective of the application developer, if I've disabled TLS 1.3 then I'd rather not have any TLS 1.3 behavior implemented; I'd rather have the implementation behave the same as before it supported TLS 1.2, more or less. That means in particular that supported_versions should be ignored if TLS 1.3 and later have been disabled.

Put another way, if TLS 1.2 is the maximum version the application has enabled, then the TLS 1.3 specification in total is irrelevant and only RFC 5246 (and perhaps earlier) apply, and those specifications don't specify supported_versions.

Consider in particular that an application might want to disable (or avoid enabling) TLS 1.3 to avoid some problem (perhaps a security problem) with supported_versions processing. It would be bad to not have any way of disabling supported_versions processing, and it doesn't seem good from a usability standpoint to have a separate knob to control it.

Cheers,
Brian
--
https://briansmith.org/
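The negotiation rule argued for above, written out as an added illustration (editor's example, not code from either poster or from any TLS library): a server whose highest enabled version is TLS 1.2 acts as a plain RFC 5246 server and never looks at supported_versions, while a server with TLS 1.3 enabled uses the extension and ignores legacy_version. The version constants, the ClientHello summary passed in, and the sample extension bodies are constructed for the example.

```python
"""Server-side version selection that ignores supported_versions whenever
TLS 1.3 is disabled (the behaviour proposed in the thread).  The inputs
(legacy_version, raw extension body, enabled versions) are a constructed
summary of a ClientHello, not a full parser."""
import struct
from typing import List, Optional, Sequence

# Wire codes for the protocol versions (RFC 5246 / RFC 8446 values).
TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3 = 0x0301, 0x0302, 0x0303, 0x0304


def parse_supported_versions(ext_body: bytes) -> List[int]:
    """Parse a ClientHello supported_versions body: one length byte
    followed by 2-byte version codes (RFC 8446 section 4.2.1)."""
    if (len(ext_body) < 3 or ext_body[0] != len(ext_body) - 1
            or ext_body[0] % 2):
        raise ValueError("malformed supported_versions extension")
    return [v for (v,) in struct.iter_unpack("!H", ext_body[1:])]


def negotiate_version(legacy_version: int,
                      supported_versions_body: Optional[bytes],
                      enabled: Sequence[int]) -> Optional[int]:
    """Return the version the server selects, or None to abort the
    handshake.  'enabled' is the application's configured version set."""
    enabled_set = set(enabled)
    if max(enabled_set) <= TLS_1_2 or supported_versions_body is None:
        # Pre-1.3 behaviour: the extension is absent or deliberately
        # ignored, so the server picks the highest enabled version that
        # does not exceed the client's legacy_version.
        candidates = [v for v in enabled_set if v <= legacy_version]
        return max(candidates) if candidates else None
    # TLS 1.3 is enabled and the extension is present: legacy_version is
    # ignored and the choice must come from the client's offered list.
    offered = parse_supported_versions(supported_versions_body)
    candidates = [v for v in offered if v in enabled_set]
    return max(candidates) if candidates else None
```

With TLS 1.3 disabled, even a malformed supported_versions body never reaches the parser, which is exactly the "no TLS 1.3 behaviour" property the post asks for.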
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls