[openssl-users] OpenSSL 1.1.1 pre-7 or pre-8 connect to 1.1.1 pre-9 oddity?
Dennis Clarke
dclarke at blastwave.org
Fri Aug 24 02:16:46 UTC 2018
On 08/23/2018 10:12 PM, Salz, Rich via openssl-users wrote:
> I find it interesting that openssl 1.1.1-pre7 can not connect to a
> server which has openssl 1.1.1-pre9 in place. Nor can Firefox nightly.
>
> This is to be expected. Pre-9 implements the official RFC version of TLS 1.3, while the earlier beta releases implement drafts. One of the major differences between the RFC and the drafts, is that (a) they don't interoperate, by design; and (b) fallback is an error.
>
>
OKay, thank you.
I'll add a note to the Mozilla bug :
https://bugzilla.mozilla.org/show_bug.cgi?id=1485866
Seems that tls13.crypto.mozilla.org is on draft 28 and not the final
protocol spec.
Makes perfect sense.
Dennis
More information about the openssl-users
mailing list