Re: [TLS] consensus on backwards compatibility changes

[Ilari Liusvaara <ilari.liusvaara@elisanet.fi>]

On Fri, Feb 20, 2015 at 01:45:51PM -0500, Dave Garrett wrote:
> I've made some editorial improvements to PR 107. I've rewritten a few little bits of prior existing text and simplified the sectioning. I've also fixed some section linking. Insecure fallback is now explicitly listed as "NOT RECOMMENDED" as suggested by Michael Clark.
> 
> https://github.com/tlswg/tls13-spec/pull/107/files
> 
> There is one new remaining issue to discuss that was brought up by David Benjamin on GitHub. Essentially, we want to make sure that the wording of what versions are to be used in the record layer is precise, including error cases, such that implementations are consistent here. I'd like to see what the opinion of the list is on the topic.
> 
> Current PR 107 wording for the record layer version field:
> ------------------------------
> TLS clients MUST set this version to { 3, 1 } for the initial ClientHello.
> For the ServerHello and all other TLS records this MUST be equal to the negotiated version.
> ------------------------------
> 
> My current consideration (not yet in PR):
> ------------------------------
> Prior to version negotiation, this value MUST be { 3, 1 }. This includes the ClientHello, records sent during negotiation, and errors aborting the negotiation.
> After version negotiation, this MUST be equal to the negotiated version. This includes the ServerHello and all following records.
> ------------------------------
> 
> I explicitly mention records and errors so as to make sure records in EarlyDataExtension are included. Maybe just call it out by name instead? Anyone think of some better wording here?
> 
> Once we can agree on the wording of this, I think this set of changes should be ready unless someone else has a concern that has not been addressed.
> 

What about HelloRetryRequest?


-Ilari