➢ That requirement is hard to meet in a library that implements both
TLS1.2 and TLS1.3 -- a CCS prior to ServerHello would have to be both
fatally rejected (TLS1.2) and dropped without further processing
(TLS1.3).
Well OpenSSL managed to do it. I guess I should admit that it could
On Fri, Dec 8, 2017 at 10:49 AM, Joseph Birr-Pixton
wrote:
> Hello,
>
> Draft 22 says:
>
> An implementation may receive an unencrypted record of type
> change_cipher_spec consisting of the single byte value 0x01 at any
> time during the handshake and MUST simply drop it without further
>
Hello,
Draft 22 says:
An implementation may receive an unencrypted record of type
change_cipher_spec consisting of the single byte value 0x01 at any
time during the handshake and MUST simply drop it without further
processing.
That requirement is hard to meet in a library that implements
