[openssl-users] No TLS Extended Master Secret Extension (RFC7627) support yet?
Matt Caswell
matt at openssl.org
Wed Nov 11 22:15:04 UTC 2015
On 11/11/15 21:53, Igor Sverkos wrote:
> Hi,
>
> today I read [1] that Microsoft finally added support for TLS Extended
> Master Secret Extension to their SSL implementation (SChannel).
>
> The author was so kind to provide a test script [2] to check if your
> own servers support TLS Extended Master Secret extension yet.
>
> Looks like my servers don't support TLS Extended Master Secret
> extension yet. This lead me to the question when OpenSSL will add
> support for this extensions or if it is my fault. I am using
>
> nginx/1.9.6 build against OpenSSL 1.0.2d 9 Jul 2015
>
> from source.
>
> Looks like there was already a contribution [3] which was already
> reviewed in some ways [4].
>
> Any status update would be nice.
Extended Master Secret support is already merged into the current git
master branch. It will be supported in our forthcoming 1.1.0 release.
Our current release schedule puts this as being released on 28th April 2016:
https://www.openssl.org/policies/releasestrat.html
Matt
More information about the openssl-users
mailing list