[openssl-users] TLS 1.3

Matt Caswell matt at openssl.org
Tue Apr 4 12:32:54 UTC 2017

On 04/04/17 12:55, Thiago Arrais wrote:
> I'm interested in contributing to TLS 1.3 support. Is it "done" yet?
> Where do I start? Can anyone point me in the right direction?
> (BTW, total newbie here. Never contributed to OpenSSL.)

Mostly TLSv1.3 support is already done. You can try it out in the git
master branch by configuring with "enable-tls1_3".

I say "mostly" because the spec itself is not finalised. The OpenSSL
implementation is based on draft-19, but we are expecting draft-20
sometime soon which has a few minor technical changes. There are also a
list of optional extra features (i.e. not required for compliance) that
I consider "nice-to-have" and aren't done yet (e.g. configurable record
layer padding, ffdhe groups, configurable number of key_shares etc).


P.S. This post is probably better directed at the openssl-dev email list
as it is about the development of OpenSSL itself.

More information about the openssl-users mailing list