On Saturday 01 August 2015 23:16:42 Florian Weimer wrote: > * Hubert Kario: > > On Tuesday 28 July 2015 16:01:55 Viktor Dukhovni wrote: > >> In that case, it should be said that a client MUST NOT advertise > >> TLS 1.3 unless it offers at least one of the TLS 1.3 MTI ciphers > >> (or perhaps less restrictive at least one TLS 1.3 compatible cipher). > > > > MTI does not mean Mandatory To Enable > > Are you sure? That's extremely surprising.
yes, I'm sure: per https://tools.ietf.org/html/rfc5246#page-65 >9. Mandatory Cipher Suites > > In the absence of an application profile standard specifying > otherwise, a TLS-compliant application MUST implement the cipher > suite TLS_RSA_WITH_AES_128_CBC_SHA (see Appendix A.5 for the > definition). -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
