On 09/14/2016 02:02 PM, Andrei Popov wrote: > Basically, I don't feel strongly about the switch to the proposed version > negotiation mechanism. But if we are going to make this change based on the > theory of having only one extension point and actively defending it, then we > should probably follow the theory and send a separate TLS extension per TLS > version. >
To me, the (ordered) list of client supported versions in a single extension feels more intuitively natural, so I want to try harder to understand the reasoning that leads you to prefer a separate extension for each version. Is it just that doing an additional "negotiation" within the extension body constitutes another extension point that we would have to actively defend, or is there something else about what a TLS extension is philosophically supposed to indicate? Thanks, Ben
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
