On 10/23/15 at 2:02 PM, ynir.i...@gmail.com (Yoav Nir) wrote:
That is true only if your application’s client component and
server component are using the same library. That is not
guaranteed in a protocol. Specifically that is not the case
with the web.
There are some version intolerant servers out there that will
choke on seeing a TLS 1.3 ClientHello. If the client uses some
library (like OpenSSL) and you upgrade to OpenSSL 1.2.0 that
has TLS 1.3. All of the sudden your application is broken. On
the web this means that some websites don’t work.
This incompatibility cuts both ways. Another way of looking at
it is that all of a sudden your website has lost viewers and you
should fix your problem. Perhaps I am unusual, but if I go the a
website that doesn't work, I usually conclude that I don't need
to see that web site. My problem is too little time, meaning I
don't want to bleep with things that don't work, not extra time
to futz with different browsers to get things working.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Airline peanut bag: "Produced | Periwinkle
(408)356-8506 | in a facility that processes | 16345
Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos,
CA 95032
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
