[cPP Comment 27] NDcPP: FCS_DTLSS_EXT.1.9; B.3.3.1; C.2.2.2

ND-iTC / Documents

ND iTC Document repository (NDcPP, ND SD, and all related files)

MIT License

5 stars 1 forks source link

[cPP Comment 27] NDcPP: FCS_DTLSS_EXT.1.9; B.3.3.1; C.2.2.2 #302

Closed kr15tyk closed 10 months ago

kr15tyk commented 1 year ago

Location: NDcPP: FCS_DTLSS_EXT.1.9; B.3.3.1; C.2.2.2

Comment: This element only applies to TLS 1.3, so if you’re not claiming TLS 1.3, this SFR (and 1.10) is null and void.

Suggested change: Reconfigure SFR so no elements are selection-based.

kenji-lightship commented 1 year ago

I think we can leave this as-is. Since the Early data extension not supported in TLS 1.2, I think we can make an argument that it is prohibited in a TLS1.2 connection as well as a TLS1.3 connection.