From 0e7198b988108be6202342fe24970212fef0459c Mon Sep 17 00:00:00 2001 From: EKR Date: Sat, 3 Aug 2024 11:19:26 -0700 Subject: [PATCH 1/2] Specify checks for legacy_version and legacy_compression_method. Fixes #1355 --- draft-ietf-tls-rfc8446bis.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/draft-ietf-tls-rfc8446bis.md b/draft-ietf-tls-rfc8446bis.md index 4790b193..b4cb2074 100644 --- a/draft-ietf-tls-rfc8446bis.md +++ b/draft-ietf-tls-rfc8446bis.md @@ -1511,6 +1511,8 @@ legacy_version: and the legacy_version field MUST be set to 0x0303, which is the version number for TLS 1.2. (See {{backward-compatibility}} for details about backward compatibility.) + A client which receives a legacy_version value not equal to 0x0303 MUST abort + the handshake with an "illegal_parameter" alert. random: : 32 bytes generated by a secure random number generator. @@ -1537,7 +1539,9 @@ cipher_suite: alert. legacy_compression_method: -: A single byte which MUST have the value 0. +: A single byte which MUST have the value 0. If a TLS 1.3 ClientHello + is received with any other value in this field, the server MUST + abort the handshake with an "illegal_parameter" alert. extensions: : A list of extensions. The ServerHello MUST only include extensions From a40fc49ba67e6edf12660c18c5e20885edb21899 Mon Sep 17 00:00:00 2001 From: EKR Date: Sat, 3 Aug 2024 11:20:52 -0700 Subject: [PATCH 2/2] Slight rewrite --- draft-ietf-tls-rfc8446bis.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/draft-ietf-tls-rfc8446bis.md b/draft-ietf-tls-rfc8446bis.md index b4cb2074..6bbcd7a0 100644 --- a/draft-ietf-tls-rfc8446bis.md +++ b/draft-ietf-tls-rfc8446bis.md @@ -1511,8 +1511,9 @@ legacy_version: and the legacy_version field MUST be set to 0x0303, which is the version number for TLS 1.2. (See {{backward-compatibility}} for details about backward compatibility.) - A client which receives a legacy_version value not equal to 0x0303 MUST abort - the handshake with an "illegal_parameter" alert. + A client which receives a TLS 1.3 Server Hello with a legacy_version + value not equal to 0x0303 MUST abort the handshake with an + "illegal_parameter" alert. random: : 32 bytes generated by a secure random number generator.