On Wednesday, October 21, 2015 07:56:13 pm Eric Rescorla wrote: > https://github.com/tlswg/tls13-spec/issues/292 > > Presently, RFC 4492 only specifies the EC points it can support in > ServerHello, but does not let the server indicate which EC curves it > supports. Unless I'm missing something, this means that there's > no way for the server to indicate what groups it would support. > > That seems less than ideal. There seem like three options here: > > 1. Put it in CertificateRequest > 2. Send it in ServerHello > 3. Do nothing.
I prefer #2. I don't think encryption is necessarily required for this, but EncryptedExtensions is fine too (Martin's 2b). I'm generally against putting it in CertificateRequest, as we're reusing an existing hello extension so keeping it in a hello message (or it's trailing encrypted field) seems best. (restricted to TLS 1.3+ clients, though) Dave _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
