Re: cipher suites for protecting client credentials

by Mohamad Badra-3

On Wed, Mar 28, 2012 at 2:16 PM, Eric Rescorla <ekr@...> wrote:

> The SCSV in RFC 5746 was required to avoid downgrade attacks
> by simulating faulty extension processing. However, in the case
> of this draft, an SCSV does not prevent downgrade attacks, so
> there is no reason not to use an extension.
>
> -Ekr


The first reason is extracted from your document [1]:
"An extension is not suitable as extension-intolerance is one form of incompatibility"

Best regards,
Badra
[1] http://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-version-cs.txt

_______________________________________________
TLS mailing list
TLS@...
https://www.ietf.org/mailman/listinfo/tls
