This paragraph refers to the anti-downgrade mechanism described in 4.1.3. -Ekr
On Wed, Nov 9, 2016 at 6:56 AM, Roel Peeters <roel.peet...@esat.kuleuven.be> wrote:

> Hi Dave,
>
> We are wondering because of this piece of text from the RFC EDITOR just
> above paragraph 4.1.4 on Hello Retry Request:
>
> RFC EDITOR: PLEASE REMOVE THE FOLLOWING PARAGRAPH Implementations of draft
> versions (see Section 4.2.1.1) of this specification SHOULD NOT implement
> this mechanism on either client and server. A pre-RFC client connecting to
> RFC servers, or vice versa, will appear to downgrade to TLS 1.2. With the
> mechanism enabled, this will cause an interoperability failure.
>
> Best,
> Roel
>
> On 8 Nov 2016, at 22:26, Dave Garrett <davemgarr...@gmail.com> wrote:
>
> On Tuesday, November 08, 2016 09:55:36 am Roel Peeters wrote:
>
> we are also wondering whether or not the Hello Retry Request will be
> included or omitted in the standard. Leaving it out will make TLS 1.3
> vulnerable again to downgrade attacks ...
>
>
> Why are you wondering about this? HRR is in the specification and there
> has been no discussion to remove it.
>
>
> Dave
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls