
Re: [TLS] Confirming consensus about one

2010-01-27 11:32:41
On 2010-01-27 07:37 PST, Martin Rex wrote:
> Yoav Nir wrote:
>
> > Actually it's easier to hard-code the ciphersuite list on the client,
> > because it never changes with most applications. Adding logic to
> > differentiate between initial handshakes and repeated handshakes
> > complicates the code (though not by much).
>
> It's more complicated than that, because SCSV is additionally necessary
> for sensible behaviour even with -03 when doing old renegotiation
> on a connection where the initial ClientHello did not use any
> TLS extensions.

I think you meant to write "necessary to prevent vulnerable renegotiation on
a connection where the initial ClientHello did not use any TLS extensions".
If that is what you meant, please confirm.

What you wrote sounds more like you were expecting "old renegotiation" to
succeed.  If you were indeed expecting that, then why does SCSV play any
role in that at all?
_______________________________________________
Ietf mailing list
ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
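To make the point under discussion concrete, the following is an added example (not code from this thread, nor from any TLS implementation) that models the server-side checks of RFC 5746, the published form of the renegotiation draft the thread refers to as -03. The constant values (the SCSV 0x00FF and extension type 0xFF01) are from RFC 5746; everything else, including the `ClientHello` and `ServerConnection` classes, `process_client_hello`, `finish_handshake`, `run_scenarios` and the `allow_legacy_renegotiation` policy knob, is an assumption of this model. The extension body is modelled as the length-prefixed `renegotiated_connection` field, and the Finished verify_data values are constructed 12-byte strings. It shows why a client whose initial ClientHello carries no TLS extensions must still send the SCSV: without either signal the server never sets its secure_renegotiation flag, so any later renegotiation on that connection is the unprotected "old renegotiation", which a careful server refuses by default.

```python
from dataclasses import dataclass, field
from typing import Dict, List

# Values from RFC 5746: the signalling cipher suite and the extension type number
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
EXT_RENEGOTIATION_INFO = 0xFF01


class HandshakeAbort(Exception):
    """Raised where RFC 5746 says the server MUST abort the handshake."""


@dataclass
class ClientHello:
    cipher_suites: List[int]
    # extension type -> raw body; for renegotiation_info this is the
    # length-prefixed renegotiated_connection field (b"\x00" when empty)
    extensions: Dict[int, bytes] = field(default_factory=dict)


@dataclass
class ServerConnection:
    secure_renegotiation: bool = False   # the RFC 5746 per-connection flag
    client_verify_data: bytes = b""      # saved from the previous Finished messages
    server_verify_data: bytes = b""
    completed_handshakes: int = 0
    # Hypothetical policy knob: allow pre-RFC 5746 "old renegotiation" with a
    # peer that never signalled support. Off by default.
    allow_legacy_renegotiation: bool = False


def process_client_hello(conn: ServerConnection, hello: ClientHello) -> str:
    """Apply the RFC 5746 server checks; return the path taken or raise HandshakeAbort."""
    ri = hello.extensions.get(EXT_RENEGOTIATION_INFO)
    scsv_present = TLS_EMPTY_RENEGOTIATION_INFO_SCSV in hello.cipher_suites

    if conn.completed_handshakes == 0:
        # Section 3.6, initial handshake: either the SCSV or the extension sets the
        # flag. The SCSV is the only signal available to an extension-less client.
        if ri is not None and ri != b"\x00":
            raise HandshakeAbort("renegotiated_connection must be empty on initial handshake")
        conn.secure_renegotiation = scsv_present or ri is not None
        return "initial"

    if conn.secure_renegotiation:
        # Section 3.7, renegotiation with a peer that signalled support
        if scsv_present:
            raise HandshakeAbort("SCSV is not allowed in a renegotiating ClientHello")
        if ri is None:
            raise HandshakeAbort("renegotiation_info missing during secure renegotiation")
        expected = bytes([len(conn.client_verify_data)]) + conn.client_verify_data
        if ri != expected:
            raise HandshakeAbort("renegotiated_connection does not match saved client_verify_data")
        return "secure-renegotiation"

    # The peer never signalled on its initial ClientHello, so nothing binds this
    # handshake to the existing connection. Refuse unless policy says otherwise.
    if not conn.allow_legacy_renegotiation:
        raise HandshakeAbort("renegotiation refused: peer did not signal secure renegotiation")
    return "legacy-renegotiation"


def finish_handshake(conn: ServerConnection, client_vd: bytes, server_vd: bytes) -> None:
    """Record the Finished verify_data a later secure renegotiation must echo."""
    conn.client_verify_data = client_vd
    conn.server_verify_data = server_vd
    conn.completed_handshakes += 1


def run_scenarios() -> Dict[str, str]:
    """Constructed scenarios; returns the path label or abort reason for each."""
    results = {}
    valid_ri = {EXT_RENEGOTIATION_INFO: b"\x0c" + b"c" * 12}

    # 1. Extension-less client signals with the SCSV, then renegotiates correctly
    conn = ServerConnection()
    process_client_hello(conn, ClientHello([0x002F, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]))
    finish_handshake(conn, b"c" * 12, b"s" * 12)
    results["scsv_then_secure"] = process_client_hello(conn, ClientHello([0x002F], valid_ri))

    # 2. Client sent neither SCSV nor extension: old-style renegotiation is refused
    conn = ServerConnection()
    process_client_hello(conn, ClientHello([0x002F]))
    finish_handshake(conn, b"c" * 12, b"s" * 12)
    try:
        results["no_signal_then_renegotiate"] = process_client_hello(conn, ClientHello([0x002F]))
    except HandshakeAbort as e:
        results["no_signal_then_renegotiate"] = f"abort: {e}"

    # 3. SCSV inside the renegotiating ClientHello must be rejected
    conn = ServerConnection()
    process_client_hello(conn, ClientHello([0x002F, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]))
    finish_handshake(conn, b"c" * 12, b"s" * 12)
    try:
        results["scsv_on_renegotiation"] = process_client_hello(
            conn, ClientHello([0x002F, TLS_EMPTY_RENEGOTIATION_INFO_SCSV], valid_ri))
    except HandshakeAbort as e:
        results["scsv_on_renegotiation"] = f"abort: {e}"
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

Scenario 2 is the case Martin Rex describes: the SCSV is what lets a client that sends no extensions avoid that path, and the renegotiation is only accepted when the hypothetical `allow_legacy_renegotiation` knob is turned on.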