On Fri, Jun 03, 2016 at 06:39:58AM -0700, Eric Rescorla wrote:

> My opinion on this hasn't really changed since the last time. This seems
> like it's more complicated and it's not clear to me why it won't lead to
> exactly the same version intolerance problem in future.

Doing version negotiation through extensions would be a major implementation burden. At present the client version appears early in the ClientHello at a fixed position in the packet, and the server can quickly grab the version, compute the highest shared version and branch to the protocol implementation for that version to parse the rest of the ClientHello. Putting the client version in an extension dramatically complicates server-side processing.

So my view is that this would not be progress. This is IMNSHO even less likely to interoperate than what we have now.

--
Viktor.
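
An added illustration, not part of the message above and not code from any TLS implementation: the fixed-offset version read the message describes, next to the bounds-checked walk a server needs before it can see a version list carried in an extension. Extension type 43 and its one-byte-length list layout are assumed from supported_versions as later standardized in RFC 8446; the function names are hypothetical and the ClientHello bytes are constructed.

```python
SUPPORTED_VERSIONS = 43  # assumption: extension type later assigned in RFC 8446

class ParseError(ValueError):
    """Malformed or truncated ClientHello."""

def _take(buf, off, n):
    """Return (bytes, new offset), refusing to read past the buffer."""
    if off + n > len(buf):
        raise ParseError(f"truncated at offset {off}")
    return buf[off:off + n], off + n

def _vec(buf, off, len_bytes):
    """Read a TLS vector: a len_bytes-wide length, then that many bytes."""
    raw, off = _take(buf, off, len_bytes)
    return _take(buf, off, int.from_bytes(raw, "big"))

def fixed_position_version(hello):
    """Legacy path: the version is bytes 4..5 of the handshake message."""
    raw, _ = _take(hello, 4, 2)
    return tuple(raw)

def extension_versions(hello):
    """Extension path: every variable-length field must be skipped first."""
    if hello[:1] != b"\x01":
        raise ParseError("not a ClientHello")
    off = 4 + 2 + 32                      # header, legacy version, random
    _, off = _vec(hello, off, 1)          # session_id
    _, off = _vec(hello, off, 2)          # cipher_suites
    _, off = _vec(hello, off, 1)          # compression_methods
    if off == len(hello):
        return []                         # old-style hello, no extensions block
    exts, off = _vec(hello, off, 2)
    pos = 0
    while pos < len(exts):
        hdr, pos = _take(exts, pos, 4)
        etype, elen = int.from_bytes(hdr[:2], "big"), int.from_bytes(hdr[2:], "big")
        body, pos = _take(exts, pos, elen)
        if etype == SUPPORTED_VERSIONS:
            lst, end = _vec(body, 0, 1)
            if end != len(body) or len(lst) % 2:
                raise ParseError("malformed supported_versions")
            return [tuple(lst[i:i + 2]) for i in range(0, len(lst), 2)]
    return []

def build_sample(ext):
    """Constructed hello: version 3.3, zero random, empty session_id,
    one cipher suite (0x1301), null compression, then the given extensions."""
    body = b"\x03\x03" + bytes(32) + b"\x00\x00\x02\x13\x01\x01\x00" + len(ext).to_bytes(2, "big") + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

SAMPLE = build_sample(b"\x00\x2b\x00\x05\x04\x03\x04\x03\x03")  # offers 3.4 and 3.3
```

The first function touches two bytes; the second has five length fields to validate before it reaches a version, and each one is a place where a truncated or inconsistent hello has to be rejected.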