[openssl-project] Inappropriate fallback triggered when "holes" in client protocol list indirectly exclude TLSv1.3

Viktor Dukhovni openssl-users at dukhovni.org
Wed Aug 15 16:08:09 UTC 2018

> On Aug 15, 2018, at 11:50 AM, Matt Caswell <matt at openssl.org> wrote:
>> I think this counts as a regression, the client should notice that
>> it implicitly disabled TLS 1.3, and therefore not react to the
>> server's version sentinel by aborting the connection.  Thoughts?
> Hmm. Yes we should probably handle this scenario. Can you open a github
> issue?



More information about the openssl-project mailing list