Re: [TLS] Updated draft

["Robert Dugal" <rdugal@certicom.com>]

Oops, you're right. I misstated what I'd like the draft to allow.
What I'd like is the option to always send the SCSV in the ClientHello and on renegotiation requests send the SCSV + RI extension in the ClientHello.

-- 
Robert Dugal		Senior Software Developer
Certicom Corp.		A Subsidiary of Research In Motion 
rdugal@certicom.com
direct        905.501.3848
fax             905.507.4230
www.certicom.com


-----Original Message-----
From: Marsh Ray [mailto:marsh@extendedsubset.com] 
Sent: Friday, December 18, 2009 9:42 AM
To: Robert Dugal
Cc: TLS Mailing List
Subject: Re: [TLS] Updated draft

Robert Dugal wrote:
> I would also like to see that change in the draft. 
> 
> To increase interoperability with existing servers I would like the option to send SCSV 
> in the initial ClientHello and only send the TLS extension in renegotiation handshakes.

Isn't that how it's worded now?

> This will make it easier for applications as they won't have to make a decision as to 
> whether the server is TLS extension intolerant.

If I were writing a new app that wasn't intended to be the most widely
used web browser in the world, I wouldn't bother with the SCSV at all.

Otherwise, just send it every time instead of an empty RI extension.

- Marsh

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.