[openssl-project] The problem of (implicit) relinking and changed behaviour
Viktor Dukhovni
openssl-users at dukhovni.org
Sun Apr 15 16:18:48 UTC 2018
> On Apr 15, 2018, at 2:24 AM, Bernd Edlinger <bernd.edlinger at hotmail.de> wrote:
>
> One possible example of application failure that I am aware of is #5743:
> A certificate that is incompatible with TLS1.3 but works with TLS1.2.
> Admittedly that I did come up with that scenario only because I saw
> a possible issue per code inspection.
[ Repeating in part my response to Richar's mesage also in this thread ]
This is a bug that needs to be fixed, the point format for TLS does not
have any provenance over X.509. There's no such thing as a certificate
not compatible with TLS 1.3 (that is compatible with TLS 1.2).
--
Viktor.
More information about the openssl-project
mailing list