On Thu, Aug 9, 2018 at 4:57 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:

> Benjamin Kaduk <bka...@akamai.com> writes:
>
> >A 1.2-capable implementation that is configured to only offer 1.1 should be
> >able to behave similarly.
>
> Except that it can't, because as soon as the server indicates use of TLS 1.1,
> the client is required to abort the handshake.  Thus no one can use TLS 1.1 or
> below, because the client is required to abort the handshake if the server
> indicates it's using this.
>

I believe you are misreading this text. The client is required to abort
only if the server supplies the signalling bytes in ServerRandom, which a
1.1 server will not.

-Ekr


> Peter.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
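
The client-side check discussed in this thread, as an added example that is not part of the original messages or of any TLS implementation. The sentinel values are those published in RFC 8446, section 4.1.3; the function names and the sample ServerRandom values are constructed for illustration.

```python
# Wire values of the protocol versions.
TLS10, TLS11, TLS12, TLS13 = 0x0301, 0x0302, 0x0303, 0x0304

# Signalling bytes carried in the last 8 bytes of ServerHello.random.
DOWNGRADE_TO_12 = b"DOWNGRD\x01"           # TLS 1.3 server negotiating TLS 1.2
DOWNGRADE_TO_11_OR_BELOW = b"DOWNGRD\x00"  # negotiating TLS 1.1 or below


def client_must_abort(client_max, negotiated, server_random):
    """Return True if the client has to abort with illegal_parameter.

    client_max is the highest version the client offered (hypothetical
    parameter name); negotiated is the version in the ServerHello.
    """
    if len(server_random) != 32:
        raise ValueError("ServerHello.random is 32 bytes")
    tail = server_random[-8:]
    if client_max >= TLS13 and negotiated <= TLS12:
        # TLS 1.3 client: either sentinel means a more capable server
        # ended up on an older version than both sides support.
        return tail in (DOWNGRADE_TO_12, DOWNGRADE_TO_11_OR_BELOW)
    if client_max == TLS12 and negotiated <= TLS11:
        # TLS 1.2 client (a SHOULD in RFC 8446): only the second value applies.
        return tail == DOWNGRADE_TO_11_OR_BELOW
    return False


def sample_random(sentinel=None):
    """Constructed 32-byte ServerHello.random, optionally ending in a sentinel."""
    base = bytes(range(32))  # fixed filler so the example is deterministic
    return base if sentinel is None else base[:24] + sentinel


if __name__ == "__main__":
    cases = [
        ("1.3 client, 1.1 negotiated, no sentinel", TLS13, TLS11, None),
        ("1.3 client, 1.1 negotiated, DOWNGRD\\x00", TLS13, TLS11,
         DOWNGRADE_TO_11_OR_BELOW),
        ("1.3 client, 1.2 negotiated, DOWNGRD\\x01", TLS13, TLS12,
         DOWNGRADE_TO_12),
        ("1.2 client, 1.1 negotiated, DOWNGRD\\x00", TLS12, TLS11,
         DOWNGRADE_TO_11_OR_BELOW),
    ]
    for label, cmax, neg, sentinel in cases:
        abort = client_must_abort(cmax, neg, sample_random(sentinel))
        print(f"{label}: {'abort' if abort else 'continue'}")
```

The first case is the one raised in the reply: a ServerHello for TLS 1.1 whose random carries no signalling bytes does not trigger the abort.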