Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Oh hey Eric. I think I was wrong saying it was 1.1. It was a middlebox that ignored max fragment negotiation, which I think was introduced in 1.2. IIRC, the middlebox claimed to support it for 1.2 connections, but silently failed by blackholing the connection. They eventually crafted a fix, but it was an annoying year waiting for network operators to upgrade the firmware on their routers.


Reason number 10^6 why TLS 1.3 is so directive about the protocol invariants: https://www.rfc-editor.org/rfc/rfc8446#section-9.3




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: