Wouter,
On 9 Apr 2016, at 12:38, Wouter Verhelst wrote:
> On Sat, Apr 09, 2016 at 12:21:03PM +0100, Alex Bligh wrote:
>> An alternative route would be to delete OPTIONALTLS, and make some of
>> the MUST requirements in SELECTIVETLS say "MUST xyz unless there are
>> no TLS-only exports". However,
On Sat, Apr 09, 2016 at 12:21:03PM +0100, Alex Bligh wrote:
> An alternative route would be to delete OPTIONALTLS, and make some of
> the MUST requirements in SELECTIVETLS say "MUST xyz unless there are
> no TLS-only exports". However, this makes it rather harder to read,
> so I described that case
Wouter,
On 9 Apr 2016, at 11:38, Wouter Verhelst wrote:
>>
>> As per previous message, because SELECTIVETLS requires INFO,
>> but OPTIONALTLS doesn't.
>
> Um. So you're suggesting that if a client sends INFO, we're suddenly in
> a whole different mode of operation?
>
> That seems to make littl
On Sat, Apr 09, 2016 at 11:26:23AM +0100, Alex Bligh wrote:
>
> On 9 Apr 2016, at 11:11, Wouter Verhelst wrote:
> > Since you say zero here, how is it different from OPTIONALTLS?
> >
> > If "not at all", just drop optional.
>
> As per previous message, because SELECTIVETLS requires INFO,
> but
On 9 Apr 2016, at 11:11, Wouter Verhelst wrote:
> Since you say zero here, how is it different from OPTIONALTLS?
>
> If "not at all", just drop optional.
As per previous message, because SELECTIVETLS requires INFO,
but OPTIONALTLS doesn't.
> I'm not *that* well versed in the details of TLS, bu
On Thu, Apr 07, 2016 at 07:32:47PM +0100, Alex Bligh wrote:
[...]
> +### Server-side requirements
> +
> +There are four modes of operation for a server. The
> +server MUST support one of these modes.
> +
> +* The server operates entirely without TLS ('NOTLS'); OR
> +
> +* The server makes TLS avail
