[openssl-users] openssl 1.0.2 and TLS 1.3

Matt Caswell matt at openssl.org
Tue Sep 11 14:35:25 UTC 2018



On 11/09/18 15:12, Perrow, Graeme wrote:
> AFAIK 1.1.1 does not support the FIPS module, which means that those of us who require FIPS must stay on 1.0.2. Any ETA on when FIPS support might be added?

TBD. Likely to be next year (before the EOL of 1.0.2) IMO. Our
development focus is now shifting from implementing TLSv1.3 to
implementing the new FIPS module.

Matt


> 
> Graeme
> 
> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Matt Caswell
> Sent: September 11, 2018 4:31 AM
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] openssl 1.0.2 and TLS 1.3
> 
> 
> 
> On 11/09/18 09:05, Dr. Matthias St. Pierre wrote:
>>> Von: openssl-users <openssl-users-bounces at openssl.org> Im Auftrag von The Doctor
>>> Gesendet: Dienstag, 11. September 2018 08:49
>>> An: openssl-users at openssl.org; openssl-dev at openssl.org
>>> Betreff: [openssl-users] openssl 1.0.2 and TLS 1.3
>>>
>>> Will that combination occur?
>>
>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be released today.
>> OpenSSL 1.0.2 is an LTS release which will only receive security updates and no new
>> features.
> 
> Strictly speaking 1.0.2 will receive bug fixes and security fixes until
> the end of this year. From the end of this year until the end of 2019 it
> will receive security fixes only. In any case it will receive no new
> features (including TLSv1.3).
> 
> From the release of 1.1.1 (today), 1.1.0 will receive security fixes
> only for one year.
> 
> Matt
> 
> 
> 
>>
>> HTH,
>> Matthias
>>
>> See also
>> https://wiki.openssl.org/index.php/TLS1.3
>> https://www.openssl.org/policies/releasestrat.html
>>
>>
>>


More information about the openssl-users mailing list