Relationship between TLS 1.3 ciphers and earlier ciphers
Jordan Brown
openssl at jordan.maileater.net
Thu Nov 30 19:19:48 UTC 2023
And yes, I fully understand that selecting only TLS 1.3 while allowing
only 1.2 ciphers, or vice versa, would fail. That's the same as, when
1.2 came in, selecting only 1.2 ciphers while disallowing 1.2. In the
future, it's the same as allowing only 1.3 while selecting only 1.4 ciphers.
If the library were to detect those problems (and report them clearly!)
then that would be great, but it's OK if a user interface has to apply
those rules on its own, or if it's just left up to the user.
--
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20231130/69ae9bec/attachment.htm>
More information about the openssl-users
mailing list