On Mon, Mar 21, 2016 at 2:59 PM, Hannes Tschofenig < hannes.tschofe...@gmx.net> wrote:
> Hi Ekr, > > ~snip~ > > > Section 6.3.1.2 explains that the ServerHello message handling: > > > > " > > The server will send this message in response to a ClientHello > message > > when it was able to find an acceptable set of algorithms and the > > client’s “key_share” extension was acceptable. If the client proposed > > groups are not acceptable by the server, it will respond with a > > “handshake_failure” fatal ale > > " > > > > What this text should be saying is that the response from the server > > depends on the selected ciphersuite. Implicitly you are saying that > in > > another part of the document, namely in Section 8.2 "MTI Extensions". > > > > > > Sorry, I'm not following your question here. Can you say more? > > > > The conditions for the server to return a ServerHello are complex and > the wording is confusing. > > The decisions are at least based on: > > - Is there an acceptable set of algorithms and groups that are mutually > supported? > > - Did the client’s KeyShare contain an acceptable offer? > > - Is a KeyShare extension present? > > - Is “signature_algorithms” extension present? > > - Does msg offer (EC)DHE cipher suites? > Ah, I see. Let me see if I can clear this up, if you wanted to send a PR, that wouldn't help too. -Ekr
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
