On 2/18/20 11:53 PM, Suresh Krishnan via Datatracker wrote:
> I think the following text from Section 4.1 of RFC8314 needs to be updated as well. Is there any reason this is left out?
>
>    Transition of users from SSL or TLS 1.0 to later versions of TLS MAY be accomplished by a means similar to that described above. There are multiple ways to accomplish this. One way is for the server to refuse a ClientHello message from any client sending a ClientHello.version field corresponding to any version of SSL or TLS 1.0.

Since this paragraph is about transitioning away from deprecated versions of TLS, perhaps the paragraph should be amended to:

   Transition of users from SSL, TLS 1.0, or TLS 1.1, to later versions of TLS MAY be accomplished by a means similar to that described above. There are multiple ways to accomplish this. One way is for the server to refuse a ClientHello message from any client sending a ClientHello.version field corresponding to any version of SSL or TLS versions < 1.1.

Keith
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
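
The server-side check that the quoted RFC 8314 text describes, as an added example that is not part of the original message or of any mail server's code: it reads ClientHello.version from a raw TLS record and refuses anything below a configurable minimum. The function names and the sample records are constructed for illustration; a minimum of 0x0302 refuses SSL and TLS 1.0, and 0x0303 also refuses TLS 1.1.

```python
import struct

# Wire values of ClientHello.version (major, minor) as a 16-bit integer.
SSL_3_0, TLS_1_0, TLS_1_1, TLS_1_2 = 0x0300, 0x0301, 0x0302, 0x0303

def client_hello_version(record: bytes) -> int:
    """Return ClientHello.version from a TLS record that starts a handshake."""
    if len(record) < 5 + 4 + 2:
        raise ValueError("truncated record")
    content_type, _record_version, rec_len = struct.unpack("!BHH", record[:5])
    if content_type != 0x16:                 # 0x16 = handshake
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + rec_len]
    if len(body) < 6 or body[0] != 0x01:     # 0x01 = ClientHello
        raise ValueError("not a ClientHello")
    # body[1:4] is the 24-bit handshake length; the version field follows it.
    (version,) = struct.unpack("!H", body[4:6])
    return version

def should_refuse(record: bytes, minimum: int) -> bool:
    """True when the server should refuse this ClientHello.

    Anything that does not parse as a TLS-format ClientHello is refused too,
    which covers SSL 2.0-format hellos (they do not start with 0x16).
    Note: TLS 1.3 clients send 0x0303 in this field and advertise 1.3 in the
    supported_versions extension, so they pass a TLS 1.2 minimum.
    """
    try:
        return client_hello_version(record) < minimum
    except ValueError:
        return True

def make_client_hello(version: int) -> bytes:
    """Build a minimal constructed ClientHello record for testing the check."""
    hello = (struct.pack("!H", version) + bytes(32)   # version, random
             + b"\x00"                                # empty session_id
             + b"\x00\x02\x00\x2f"                    # one cipher suite
             + b"\x01\x00")                           # null compression
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16" + struct.pack("!HH", TLS_1_0, len(handshake)) + handshake

if __name__ == "__main__":
    for v in (SSL_3_0, TLS_1_0, TLS_1_1, TLS_1_2):
        rec = make_client_hello(v)
        print(hex(v), "refuse@1.1:", should_refuse(rec, TLS_1_1),
              "refuse@1.2:", should_refuse(rec, TLS_1_2))
```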