On Thursday, 9 August 2018 13:57:20 CEST Peter Gutmann wrote: > Benjamin Kaduk <bka...@akamai.com> writes: > >A 1.2-capable implementation that is configured to only offer 1.1 should be > >able to behave similarly. > > Except that it can't, because as soon as the server indicates use of TLS > 1.1, the client is required to abort the handshake. Thus no one can use > TLS 1.1 or below, because the client is required to abort the handshake if > the server indicates it's using this.
the signalling bytes must be included only if server has support for higher protocol versions enabled; if TLS 1.2 and TLS 1.3 is explicitly disabled on the server, it must not include those signalling bytes -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
