Implementing NTS options
Hal Murray
hmurray at megapathdsl.net
Sat Feb 2 13:03:14 UTC 2019
Eric:
> I'm not seeing anything in that 'graph which would ever *require* you to
> disable down-version TLS. The last normative is a MAY, not a MUST.
It starts with:
> Implementations MUST NOT negotiate TLS versions earlier than 1.2,
so we have to do something.
Me:
>> I assume the default would be no for TLS 1.2 and yes for TLS 1.3
>> Should we be specifying min version rather than allowing various versions?
>From several messages ago:
Since Gary was suspicious of 1.3, I poked a bit. 1.3 is not widely
available yet.
(Available enough to test.)
I think we should specify a min version of 1.2
Another item for the review occasionally list.
--
These are my opinions. I hate spam.
More information about the devel
mailing list