On Wed, Oct 21, 2015 at 5:29 PM, Dave Garrett <davemgarr...@gmail.com> wrote:
> On Wednesday, October 21, 2015 07:56:13 pm Eric Rescorla wrote: > > https://github.com/tlswg/tls13-spec/issues/292 > > > > Presently, RFC 4492 only specifies the EC points it can support in > > ServerHello, but does not let the server indicate which EC curves it > > supports. Unless I'm missing something, this means that there's > > no way for the server to indicate what groups it would support. > > > > That seems less than ideal. There seem like three options here: > > > > 1. Put it in CertificateRequest > > 2. Send it in ServerHello > > 3. Do nothing. > > I prefer #2. I don't think encryption is necessarily required for this, > but EncryptedExtensions is fine too (Martin's 2b). > > I'm generally against putting it in CertificateRequest, as we're reusing > an existing hello extension so keeping it in a hello message (or it's > trailing encrypted field) seems best. (restricted to TLS 1.3+ clients, > though) This would need to be limited to 1.3 in any case because in all the other cases it would be illegal. -Ekr > > > Dave >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
