target = "https://tools.ietf.org/rfc/rfc8446#4.3.1"

# 4.3.1.  Encrypted Extensions
#
# In all handshakes, the server MUST send the EncryptedExtensions
# message immediately after the ServerHello message.  This is the first
# message that is encrypted under keys derived from the
# server_handshake_traffic_secret.
# 
# The EncryptedExtensions message contains extensions that can be
# protected, i.e., any which are not needed to establish the
# cryptographic context but which are not associated with individual
# certificates.  The client MUST check EncryptedExtensions for the
# presence of any forbidden extensions and if any are found MUST abort
# the handshake with an "illegal_parameter" alert.
# 
# Structure of this message:
# 
#    struct {
#        Extension extensions<0..2^16-1>;
#    } EncryptedExtensions;
# 
# extensions:  A list of extensions.  For more information, see the
#    table in Section 4.2.

[[spec]]
level = "MUST"
quote = '''
In all handshakes, the server MUST send the EncryptedExtensions
message immediately after the ServerHello message.
'''

[[spec]]
level = "MUST"
quote = '''
The client MUST check EncryptedExtensions for the
presence of any forbidden extensions and if any are found MUST abort
the handshake with an "illegal_parameter" alert.
'''

[[spec]]
level = "MUST"
quote = '''
The client MUST check EncryptedExtensions for the
presence of any forbidden extensions and if any are found MUST abort
the handshake with an "illegal_parameter" alert.
'''