Hi Glen,

In reading the text, I'm not exactly sure where the confusion or contradiction comes in. I think your suggested text is fine, but I'm not sure how it improves things. If I understand your point correctly, accepting an SSL 2.0 hello as the first message in the TLS handshake is an example of using at least part of SSL 2.0, so we should indicate that this is an exception to the MUST NOT use SSL 2.0 directive. Is this your concern?

Thanks,

Joe

On Dec 1, 2010, at 6:31 PM, Glen Zorn wrote:

> Section 3 says "TLS clients MUST NOT send SSL 2.0 CLIENT-HELLO messages."
> and "TLS servers MUST NOT negotiate or use SSL 2.0" and later "TLS servers
> that do not support SSL 2.0 MAY accept version 2.0 CLIENT-HELLO messages as
> the first message of a TLS handshake for interoperability with old clients."
> Taken together, I find these statements quite confusing, if not outright
> self-contradictory. Maybe a "However" might fix the problem, though:
>
> TLS servers MUST NOT negotiate or use SSL 2.0; however, TLS servers
> MAY accept SSL 2.0 CLIENT-HELLO messages as the first message of a
> TLS handshake in order to maintain interoperability with legacy
> clients.
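The distinction the thread is circling (accepting an SSL 2.0-format CLIENT-HELLO as a carrier for a TLS negotiation versus actually negotiating SSL 2.0) is easier to see in code. The following is an added example, not text from the draft or from either correspondent; it assumes the V2ClientHello layout described in RFC 5246 Appendix E.2 (2-byte header with the high bit set, msg_type 1, then version and three length fields), and the sample messages are constructed for illustration.

```python
import struct

TLS_1_0 = 0x0301  # lowest protocol version a server following the draft would negotiate

def parse_v2_client_hello(data: bytes) -> dict:
    """Parse an SSL 2.0-format CLIENT-HELLO (layout assumed from RFC 5246 App. E.2)."""
    if len(data) < 11 or not data[0] & 0x80:
        raise ValueError("not a 2-byte-header SSL 2.0 record")
    length = ((data[0] & 0x7F) << 8) | data[1]      # low 15 bits carry the body length
    body = data[2:2 + length]
    if len(body) != length:
        raise ValueError("truncated record")
    msg_type, version, csl, sil, chl = struct.unpack("!BHHHH", body[:9])
    if msg_type != 1:
        raise ValueError("not a CLIENT-HELLO")
    if csl % 3 or 9 + csl + sil + chl != length:   # cipher specs are 3 bytes each
        raise ValueError("inconsistent length fields")
    specs = body[9:9 + csl]
    return {
        "version": version,
        "cipher_specs": [specs[i:i + 3] for i in range(0, csl, 3)],
        "session_id_len": sil,
        "challenge": body[9 + csl + sil:],
    }

def first_flight_policy(data: bytes) -> str:
    """Classify a client's first message: 'tls', 'accept-v2-hello' or 'reject'."""
    if data[:1] == b"\x16":                         # TLS record layer, handshake content type
        return "tls"
    try:
        hello = parse_v2_client_hello(data)
    except ValueError:
        return "reject"
    # A v2-format hello is only a compatibility wrapper: accept it when the client
    # advertises TLS 1.0 or later and offers at least one TLS suite (encoded as
    # {0x00, hi, lo}), with an empty session id. SSL 2.0 itself is never negotiated.
    tls_suites = [cs for cs in hello["cipher_specs"] if cs[0] == 0x00]
    if hello["version"] < TLS_1_0 or not tls_suites or hello["session_id_len"] != 0:
        return "reject"
    return "accept-v2-hello"

# Constructed samples: a v2-format hello advertising TLS 1.0 with one TLS suite
# (00 00 2F) and one SSL 2.0 spec (01 00 80), the same hello advertising SSL 2.0
# (version 0x0002), and the start of an ordinary TLS record.
V2_HELLO_TLS10 = bytes([0x80, 0x1F, 0x01, 0x03, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, 0x10,
                        0x00, 0x00, 0x2F, 0x01, 0x00, 0x80]) + bytes(range(16))
V2_HELLO_SSL2 = V2_HELLO_TLS10[:3] + b"\x00\x02" + V2_HELLO_TLS10[5:]
TLS_RECORD = b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"
```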