Re: Updated 9.2

On Oct 10, 2014, at 1:57 PM, Brian Smith <brian@briansmith.org> wrote:

> On Fri, Oct 10, 2014 at 10:41 AM, Martin Thomson
> <martin.thomson@gmail.com> wrote:
>> - All of the TLS usage restrictions only apply to TLS 1.2 (TLS 1.3
>> won't permit all these things anyway), except the SNI requirement
> 
> I feel all these qualifiers of "TLS 1.2" are confusing because they
> imply that the rules will be different for other versions of TLS. But,
> older versions of TLS are not allowed and TLS 1.3 will have the same
> rules anyway, so the "1.2" qualifiers seem unnecessary.

It’s important that these rules *do not* cover TLS 1.3, as the TLS specification is the appropriate place to define TLS rules, and as time goes on, the more out of sync and problematic 9.2.2 will become.

--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat

Received on Friday, 10 October 2014 19:23:16 UTC