Specify checks for legacy_version and legacy_compression_method. Fixes #1355 #1364

Merged
merged 2 commits into from
Aug 5, 2024
7 changes: 6 additions & 1 deletion draft-ietf-tls-rfc8446bis.md
Expand Up @@ -1511,6 +1511,9 @@ legacy_version:
and the legacy_version field MUST
be set to 0x0303, which is the version number for TLS 1.2.
(See {{backward-compatibility}} for details about backward compatibility.)
A client which receives a TLS 1.3 Server Hello with a legacy_version
value not equal to 0x0303 MUST abort the handshake with an
"illegal_parameter" alert.

random:
: 32 bytes generated by a secure random number generator.
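
Review bot: The sentence added under legacy_version writes the message name as "Server Hello", while the same file writes it as one word, "ServerHello" (see the extensions entry further down); use "ServerHello" here for consistency. The new MUST is also conditioned on the client having received a "TLS 1.3" ServerHello, and nothing in the lines shown here says how the client decides that before it checks legacy_version; a short cross-reference to where the negotiated version is determined would make the requirement unambiguous to implementers.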
Expand All @@ -1537,7 +1540,9 @@ cipher_suite:
alert.

legacy_compression_method:
: A single byte which MUST have the value 0.
: A single byte which MUST have the value 0. If a TLS 1.3 ClientHello
is received with any other value in this field, the server MUST
abort the handshake with an "illegal_parameter" alert.

extensions:
: A list of extensions. The ServerHello MUST only include extensions
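
Review bot: The sentence added to legacy_compression_method speaks of a "TLS 1.3 ClientHello" being received and the server aborting, but the field name is singular and the next entry in the same list describes ServerHello extensions, so this looks like the ServerHello field description. If so, the check should mirror the legacy_version hunk above: a client that receives a TLS 1.3 ServerHello with a non-zero value in this field MUST abort the handshake with an "illegal_parameter" alert. If the ClientHello wording is intended, it belongs with the ClientHello field definition rather than here.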