undefined | Better HN

0 pointsCodeMichael8y ago0 comments

Does that assume that all of the components (browser and server) support 1.2 as well? In a theoretical future state if I disable 1.2 on my browser doesn't that mean I won't trust a MITM box.

0 comments

agl8y ago

> Does that assume that all of the components (browser and server) support 1.2 as well?

No: a client, server, and MITM proxy can all be exclusively TLS 1.3 and everything will still work(+).

(+) as much as it did with TLS 1.2, anyway.

j / k navigate · click thread line to collapse

0 pointsCodeMichael8y ago0 comments

Does that assume that all of the components (browser and server) support 1.2 as well? In a theoretical future state if I disable 1.2 on my browser doesn't that mean I won't trust a MITM box.

0 comments

agl8y ago

> Does that assume that all of the components (browser and server) support 1.2 as well?

No: a client, server, and MITM proxy can all be exclusively TLS 1.3 and everything will still work(+).

(+) as much as it did with TLS 1.2, anyway.

j / k navigate · click thread line to collapse