On Mon, Jul 13, 2015 at 04:30:06PM +0200, Martin Rex wrote:

> Section 7.4.1.4 Hello Extensions and its subsections are clearly IRRELEVANT
> for a client that does not use Hello Extensions.

Let's not go back to lawyering the RFCs. We've been there already, with not much success.

I think we can reach consensus around the proposed new language that fixes the specification defect for TLS 1.3. Once that's done, where necessary, we can suggest to implementors of TLS 1.2 to "improve the product by not complying with section 7.4.1.4.1 of RFC 5246 in a future release". I am confident this has a much better chance of success than trying to convince folks that their reading of the RFC is incorrect.

And in any case, when the client *does* send a supported algorithms extension, that should *still* not rigidly constrain the server to a certificate chain with just those algorithms. Rather, as proposed, the server should strive to vend a chain with just the supported algorithms if at all possible, but failing that it should continue the handshake with some suitable chain it has at its disposal.

--
Viktor.
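
The selection behaviour proposed in the message above, as an added Python sketch that is not part of the original post or of any TLS implementation: prefer a chain whose signatures all use algorithms the client offered, otherwise continue with a configured chain instead of aborting. The type names, the reason strings, the sample chains and the choice to skip self-signed anchors are assumptions made for this example.

```python
from typing import NamedTuple, Optional, Sequence, Tuple

SigAlg = Tuple[str, str]  # (hash, signature), e.g. ("sha256", "rsa")

class Cert(NamedTuple):
    subject: str
    signed_with: SigAlg        # algorithm the issuer used to sign this cert
    self_signed: bool = False  # trust anchor; its own signature is not checked

class Chain(NamedTuple):
    name: str
    certs: Tuple[Cert, ...]    # leaf first

def chain_matches(chain: Chain, offered: Sequence[SigAlg]) -> bool:
    """True if every signature the client has to verify uses an offered pair.
    Skipping self-signed anchors is an assumption of this sketch."""
    allowed = set(offered)
    return all(c.signed_with in allowed for c in chain.certs if not c.self_signed)

def select_chain(chains: Sequence[Chain],
                 offered: Optional[Sequence[SigAlg]]) -> Tuple[Chain, str]:
    """Pick a chain in server preference order; never abort for lack of a match.
    Returns (chain, reason) so a fallback can be logged and counted."""
    if not chains:
        raise ValueError("server has no certificate chain configured")
    if offered is None:                  # client sent no extension at all
        return chains[0], "no-extension"
    for chain in chains:
        if chain_matches(chain, offered):
            return chain, "match"
    return chains[0], "fallback"         # continue the handshake anyway

# Constructed sample data (not real certificates).
RSA_CHAIN = Chain("rsa", (
    Cert("leaf.example", ("sha256", "rsa")),
    Cert("Example Issuing CA", ("sha256", "rsa")),
    Cert("Example Root", ("sha1", "rsa"), self_signed=True),
))
ECDSA_CHAIN = Chain("ecdsa", (
    Cert("leaf.example", ("sha384", "ecdsa")),
    Cert("Example EC Issuing CA", ("sha384", "ecdsa")),
))
CHAINS = (RSA_CHAIN, ECDSA_CHAIN)

if __name__ == "__main__":
    for offer in ([("sha384", "ecdsa")], [("sha256", "rsa")], [("sha512", "ecdsa")], None):
        chain, reason = select_chain(CHAINS, offer)
        print(offer, "->", chain.name, reason)
```

Returning the reason alongside the chain lets an operator count how often handshakes proceed on a fallback chain.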