Supported_versions

Overview

Supported_versions is a TLS extension defined in TLS 1.3.

The Supported_versions TLS extension is used by the client to indicate which versions of TLS it supports. The TLS extension contains a list of supported versions in preference order, with the most preferred version first. Implementations of this specification MUST send this TLS extension containing all versions of TLS which they are prepared to negotiate (for this specification, that means minimally 0x0304, but if previous versions of TLS are supported, they MUST be present as well).

    struct {
        ProtocolVersion versions<2..254>;
    } SupportedVersions;

If this TLS extension is not present, servers which are compliant with this specification MUST negotiate TLS 1.2 or prior as specified in RFC 5246, even if ClientHello.legacy_version is 0x0304 or later. Servers MAY abort the TLS Handshake upon receiving a ClientHello with legacy_version 0x0304 or later.

If this extension is present, servers MUST ignore the ClientHello.legacy_version value and MUST use only the "Supported_versions" extension to determine client preferences.

Servers MUST only select a version of TLS present in the Supported_versions extension and MUST ignore any unknown versions that are present in that extension. Note that this mechanism makes it possible to negotiate a version prior to TLS 1.2 if one side supports a sparse range.

Implementations of TLS 1.3 which choose to support prior versions of TLS SHOULD support TLS 1.2. Servers should be prepared to receive ClientHellos that include this Supported_versions TLS extension but do not include 0x0304 in the list of versions.

The server MUST NOT send the "Supported_versions" extension. The server's selected version is contained in the ServerHello.version field as in previous versions of TLS.
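
The server-side rules above can be sketched as follows. This is an added example, not code from the original page or from any TLS implementation. The function names, the SERVER_VERSIONS set and the policy of taking the first client-preferred version the server supports are assumptions, and the sample inputs are constructed.

```python
TLS12 = 0x0303
# Versions this hypothetical server will negotiate (assumption for the example).
SERVER_VERSIONS = frozenset({0x0304, 0x0303})


class DecodeError(ValueError):
    """Malformed supported_versions extension body."""


def parse_supported_versions(body):
    """Decode versions<2..254>: one length byte, then 2-byte ProtocolVersions."""
    if not body:
        raise DecodeError("empty extension body")
    n = body[0]
    if n != len(body) - 1:
        raise DecodeError("length byte does not match body size")
    if n < 2 or n > 254 or n % 2:
        raise DecodeError("vector must hold 1..127 two-byte versions")
    return [int.from_bytes(body[i:i + 2], "big") for i in range(1, n + 1, 2)]


def select_version(legacy_version, ext_body, server_versions=SERVER_VERSIONS):
    """Return the negotiated version, or None if there is no overlap."""
    if ext_body is None:
        # Extension absent: negotiate TLS 1.2 or prior, even when
        # legacy_version is 0x0304 or later (the server MAY abort instead).
        ceiling = min(legacy_version, TLS12)
        usable = [v for v in server_versions if v <= ceiling]
        return max(usable) if usable else None
    # Extension present: legacy_version is ignored. Walk the client's list in
    # preference order; versions the server does not know are skipped.
    for version in parse_supported_versions(ext_body):
        if version in server_versions:
            return version
    return None


if __name__ == "__main__":
    # Constructed ClientHello inputs: (legacy_version, extension body or None).
    samples = [
        (0x0303, bytes.fromhex("0403040303")),      # TLS 1.3 then TLS 1.2
        (0x0304, None),                             # no extension, high legacy_version
        (0x0303, bytes.fromhex("060a0a03030302")),  # 0x0a0a is an unknown version
    ]
    for legacy, body in samples:
        picked = select_version(legacy, body)
        print(hex(legacy), body.hex() if body else None, "->", picked and hex(picked))
```

Passing a sparse server set such as {0x0303, 0x0301} against a client list of 0x0304, 0x0301 returns 0x0301, which is the pre-TLS 1.2 outcome the text notes is possible.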
