Henrik Grubbström wrote:
> Martin Rex <m...@sap.com> wrote:
>>
>> Nope, _our_ client is perfectly compliant by _not_ sending TLS extensions.
>> SCHannel is violating a MUST requirement, failing to properly process
>> a ServerHello without a TLS extension.
>>
>> https://tools.ietf.org/html/rfc5246#section-7.4.1.2
>>
>> 7.4.1.2 ClientHello
>>
>> extensions
>>     Clients MAY request extended functionality from servers by sending
>>     data in the extensions field. The actual "Extension" format is
>>     defined in Section 7.4.1.4.
>>
>>
>> A server MUST accept ClientHello
>> messages both with and without the extensions field,
>
> Yes, and section 7.4.1.4.1 says that that means:

Section 7.4.1.4 Hello Extensions and its subsections are clearly
IRRELEVANT for a client that does not use Hello Extensions.

You are looking at a defect of the rfc5246 document. As rfc2026 says,
defects in "proposed standards" are to be expected -- and implementors
with a clue about formal correctness proofing recognize specification
defects and compensate for it while implementing.

-Martin
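
The RFC 5246 section 7.4.1.2 requirement quoted in the message above, shown as an added example (not code from either poster or from any TLS implementation named in the thread): a server-side ClientHello body parser that accepts the message both with and without the extensions field, treating bytes after compression_methods as the only sign that extensions are present. The function name, the error class and the sample byte strings are constructed for illustration.

```python
import struct

class ParseError(ValueError):
    """Raised when the ClientHello body is malformed or truncated."""

def parse_client_hello(body: bytes) -> dict:
    """Parse a TLS 1.2 ClientHello body (handshake header already removed)."""
    pos = 0

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(body):
            raise ParseError("truncated ClientHello")
        pos += n
        return body[pos - n:pos]

    version = tuple(take(2))
    take(32)                                        # random
    session_id = take(take(1)[0])
    suites = take(struct.unpack("!H", take(2))[0])
    compression = take(take(1)[0])
    if len(session_id) > 32 or len(suites) < 2 or len(suites) % 2 or not compression:
        raise ParseError("bad session_id, cipher_suites or compression_methods")

    # RFC 5246 7.4.1.2: extensions are present only if bytes follow
    # compression_methods. A hello that ends here is valid, not an error.
    extensions = None                               # None means "field absent"
    if pos < len(body):
        block = take(struct.unpack("!H", take(2))[0])
        if pos != len(body):
            raise ParseError("data after extensions block")
        extensions, i = [], 0
        while i < len(block):
            if i + 4 > len(block):
                raise ParseError("truncated extension header")
            ext_type, ext_len = struct.unpack_from("!HH", block, i)
            if i + 4 + ext_len > len(block):
                raise ParseError("truncated extension data")
            extensions.append((ext_type, block[i + 4:i + 4 + ext_len]))
            i += 4 + ext_len
    return {"version": version, "cipher_suites": suites, "extensions": extensions}

# Constructed sample: TLS 1.2, all-zero random, empty session_id,
# one cipher suite (0x002f), null compression, no extensions field.
NO_EXT = bytes([3, 3]) + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
# Same hello followed by one constructed extension (type 0xff01, one data byte).
WITH_EXT = NO_EXT + b"\x00\x05" + b"\xff\x01\x00\x01\x00"
```

The parser distinguishes an absent extensions field (`None`) from a present but empty one (`[]`), so calling code can log which form a peer sent without rejecting either.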