On Tue, 22 May 2007, Brian E Carpenter wrote:
On 2007-05-22 07:51, Philip Guenther wrote:
...
We expect application protocols that require TLS to specify a mandatory-
-to-implement ciphersuite to guarantee interoperability between clients and
servers. How is the TLS version any different? A client that only
supports TLS 1.0 will fail at handshake time if the server only supports
TLS 1.1. Therefore, if interoperability is the goal, requiring support for
a specific version is necessary.
Since as you point out, TLS has version negotiation, don't you mean
"support for at least one specific version is necessary"?
That's a clearer version of what I meant, yes. I certainly didn't mean
"must _only_ support specific version X.Y".
It would probably be wise to have some canned words for this be provided
by true TLS experts to avoid subtle failure modes. IIRC, a client that
supports, say, TLS 1.2 and 1.0 but not 1.1 will not interoperate with a
server that supports TLS 1.1 and 1.0. The client presumably violates some
requirement, perhaps one for common sense, but I don't see it in a quick
scan of the RFCs.
("MUST request a version no smaller than X.Y and MUST support all versions
between and including that version and X.Y"?)
And presumably
that would be a version whose security is believed to be minimally
adequate, with all earlier versions being forbidden.
Yep. I was about to say "and the same with cipher suites", but the
ordering function for cipher suite "security" changes over time. <sigh>
Philip Guenther
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf