https://github.com/tlswg/tls13-spec/pull/800
In Seoul we had rough consensus (or at least apathy) to leave the supported versions semantics alone but tighten up the language. The above PR does that. One point I notice we didn't discuss is whether we should require the server to check that ClientHello.legacy_version == 0303. NSS (and I believe BoringSSL) currently ignore it which i believe is the best reading of -18 and is what is in this PR. I think if we're going to change this we should just make it an error to have supported_versions and legacy_version != 0303. My preference would be to leave as-is, however. -Ekr
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls