> For reference, the version field in the TLS premaster secret is not checked > by many servers, IIRC some of them have large market shares.
That’s good to know. It would be tempting to recommend that TLS 1.3 servers disable RSA (encryption) ciphersuites for all protocol versions, but I guess this is not likely to happen for backwards compatibility reasons? > > -- > Sincerely, > Yngve N. Pettersen > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
