On Tue, Dec 19, 2017 at 5:07 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> I'm not sure I agree renumbering is the right reaction, > though I don't object to that. This could be a case where > it's overall better that those specific devices suffer > breakage, and hopefully then do get firmware updated to > support TLS1.3 or TLS-without-extended-random-or-dual-ec > at some point. > I think we would like to avoid deliberately breaking these devices with TLS 1.3. (I think TLS 1.3 has been subject to enough friction already.) If key_share is renumbered, then presumably extension 40 would be reserved by IANA. Thus other implementations could send extension 40 if they wish not to interoperate with extended_random-supporting peers. Cheers AGL
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
