[openssl-project] Potentially bad news on TLS 1.3 compatibility (sans SNI)
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Apr 18 17:42:58 UTC 2018
> On Apr 18, 2018, at 1:14 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
>
> I'm not sure you actually get downgraded? I get TLS 1.2 in all
> cases. I think they still speak a different draft version. If it's
> boringssl, I think they do 22 and 23 in the last release and 26
> (like we) in their current master version.
Perhaps that's right, even with SNI I get TLS 1.2, but with the right
certificate, whereas without SNI I get the wrong certificate. It is
not clear what will happen when they actually support TLS 1.3.
--
Viktor.
More information about the openssl-project
mailing list