Section 3 says "TLS clients MUST NOT send SSL 2.0 CLIENT-HELLO messages."
and "TLS servers MUST NOT negotiate or use SSL 2.0" and later "TLS servers
that do not support SSL 2.0 MAY accept version 2.0 CLIENT-HELLO messages as
the first message of a TLS handshake for interoperability with old clients."
Taken together, I find these statements quite confusing, if not outright
self-contradictory. Maybe, a "However" might fix the problem, though:
TLS servers MUST NOT negotiate or use SSL 2.0; however, TLS servers
MAY accept SSL 2.0 CLIENT-HELLO messages as the first message of a
TLS handshake in order to maintain interoperability with legacy
clients.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf