In this TLS1.3 "MUST" discussion, I don't understand what an:
"additional, non-default option"
It means that the configuration file or however the settings are managed, does
not turn in on by default.
* How does a client know if there were deployment considerations on the server?
In many cases, the client and server software are written by the same company.
This is of course NOT the case when the application is a Web application.
* If we know (at protocol development time) that there are deployment
considerations, what are we supposed to write?
If you think it’s temporary, go with the MUST 1.3. If you think it is endemic
go with MUST 1.3+MAY 1.2
Finally, how is:
"You MUST Unless you can't"
not literally what SHOULD is.
Because it’s not “unless you can’t.” It’s MUST with a MAY added; that doesn’t
downgrade the MUST.
_______________________________________________
Uta mailing list -- [email protected]
To unsubscribe send an email to [email protected]
