On Fri, Jan 22, 2021, at 1:54 AM, Nick Harper wrote:
> On Thu, Jan 21, 2021 at 9:46 PM Martin Thomson <m...@lowentropy.net> wrote:
> > In other words, each flag is treated just like an empty extension: you can
> > initiate an exchange with it, but you can only answer with it if it was
> > initiated with it.
> >
> I agree that this is the correct guiding principle for handling flags.
> We should allow unsolicited flags in the same places we allow
> unsolicited extensions. Going by section 4.2 of RFC 8446, that would be
> ClientHello, CertificateRequest, and NewSessionTicket.

+1 -- and thanks, Martin, for summarizing the principle so elegantly!

Best,
Chris
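
The rule agreed in this thread, sketched as a receiver-side check; this is an added example, not code from the thread, the flags draft, or any TLS stack. Assumptions: the response-to-request pairing in RESPONDS_TO applies RFC 8446 section 4.2's extension pairing to flags, the class and function names are hypothetical, and the flag numbers are constructed.

```python
# Messages in which flags may appear unsolicited (the three named in the thread).
INITIATING = {"ClientHello", "CertificateRequest", "NewSessionTicket"}

# (sender, response message) -> message whose flags it answers.
# Assumption: same pairing RFC 8446 section 4.2 uses for extensions.
RESPONDS_TO = {
    ("server", "ServerHello"): "ClientHello",
    ("server", "HelloRetryRequest"): "ClientHello",
    ("server", "EncryptedExtensions"): "ClientHello",
    ("server", "Certificate"): "ClientHello",
    ("client", "Certificate"): "CertificateRequest",
}


class FlagTracker:
    """Tracks flags offered on one connection and vets flags in responses."""

    def __init__(self):
        self.offered = {}  # initiating message name -> set of flag numbers

    def check(self, sender, message, flags):
        """Return the flags in `message` that break the rule (empty set = OK)."""
        flags = set(flags)
        if message in INITIATING:
            # Unsolicited flags are allowed here; remember them for later answers.
            self.offered[message] = flags
            return set()
        request = RESPONDS_TO.get((sender, message))
        if request is None:
            # Not a message that can answer a flag, so any flag is a violation.
            return flags
        # A flag may only be answered if the matching request carried it.
        return flags - self.offered.get(request, set())


if __name__ == "__main__":
    # Constructed handshake; flag numbers 8, 9, 10 and 20 are made up.
    t = FlagTracker()
    steps = [
        ("client", "ClientHello", {8, 9}),
        ("server", "EncryptedExtensions", {8}),
        ("server", "ServerHello", {10}),       # never offered by the client
        ("server", "CertificateRequest", {20}),
        ("client", "Certificate", {8}),        # offered in ClientHello, not in CertificateRequest
    ]
    for sender, message, flags in steps:
        bad = t.check(sender, message, flags)
        print(f"{sender:6} {message:20} {'reject ' + str(sorted(bad)) if bad else 'ok'}")
```

A non-empty result is the case where a receiver would abort the handshake, as it would for an unsolicited extension.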