[Feature request] flag absence of extended master secret extension #2806

Open
@ghen2

Description

Which version are you referring to

3.2

Describe your feature request (if it's a technical feature)

The extended_master_secret TLS extension has been introduced in RFC 7627 in response to the triple handshake attack.

This extension has long been optional, but recently, it has been marked a MUST for TLS 1.2 in RFC 9325 (TLS best practices from 2022), and has been made a requirement for FIPS compliance as of May 2023. Some implementations, notably Haskell TLS as of version 2.0, also require the presence of this extension for successful TLS negotiation.

So clearly, the lack of this extension will be causing interoperability problems between old servers (e.g. openssl < 1.1) and strict clients, and vice versa, as already suggested here for MTA-STS.

Describe the solution you'd like

testssl.sh detects the presence of this extension (in the Server Hello category), but currently without any consequence. It would be useful to flag its absence as severity low or medium problem (there, or under the Vulnerabilities category).
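As an added example (not part of this issue and not testssl.sh's own code), here is a small Python parser that inspects a TLS 1.2 ServerHello record and reports whether the server advertised extended_master_secret (extension type 0x0017, RFC 7627), which is the check a scanner would base its "missing EMS" finding on. The ServerHello bytes are constructed inline for the demonstration rather than captured from a real server.

```python
import struct

EXTENDED_MASTER_SECRET = 0x0017  # extension type registered by RFC 7627


def parse_server_hello_extensions(record: bytes) -> dict:
    """Parse one TLS 1.2 ServerHello record; return {extension_type: data}."""
    if len(record) < 5 or record[0] != 0x16:  # content type 22 = handshake
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if len(body) < 4 or body[0] != 0x02:  # handshake type 2 = ServerHello
        raise ValueError("not a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 2 + 32                        # server_version + random
    pos += 1 + hello[pos]               # session_id (length-prefixed)
    pos += 2 + 1                        # cipher_suite + compression_method
    exts = {}
    if pos >= len(hello):               # legacy hello: no extensions block at all
        return exts
    end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= end:               # each extension: type(2) len(2) data
        etype, elen = struct.unpack("!HH", hello[pos:pos + 4])
        exts[etype] = hello[pos + 4:pos + 4 + elen]
        pos += 4 + elen
    return exts


def has_extended_master_secret(record: bytes) -> bool:
    """True if the server advertised extended_master_secret (RFC 7627)."""
    return EXTENDED_MASTER_SECRET in parse_server_hello_extensions(record)


def build_server_hello(extensions) -> bytes:
    """Construct a minimal ServerHello for testing (sample data, not a capture)."""
    ext_bytes = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    hello = b"\x03\x03" + b"\x11" * 32 + b"\x00" + b"\xc0\x2f" + b"\x00"
    if extensions:
        hello += struct.pack("!H", len(ext_bytes)) + ext_bytes
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs


# Constructed samples: one server that sends the extension, one that omits it.
WITH_EMS = build_server_hello([(0xFF01, b"\x00"), (EXTENDED_MASTER_SECRET, b"")])
WITHOUT_EMS = build_server_hello([(0xFF01, b"\x00")])

if __name__ == "__main__":
    for name, rec in (("with_ems", WITH_EMS), ("without_ems", WITHOUT_EMS)):
        print(name, "OK" if has_extended_master_secret(rec) else "MISSING (flag as low/medium)")
```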
