On 16 October 2015 at 12:22, Brian Smith <br...@briansmith.org> wrote: > Why only protect TLS 1.3 from such a downgrade? I think it is worthwhile to > protect TLS 1.2 from the downgrade too, in a similar way. Or, is there > something specific about TLS 1.3 that makes the downgrade worse?
Given that we can't expect TLS 1.2 servers to implement the hack, I'm not sure that this is of great utility, but if we can bake a version number in there, I'm not opposed to the notion. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
