[openssl-users] Openssl 1.1 / TLS 1.3

Richard Moore richmoore44 at gmail.com
Wed Feb 14 17:28:34 UTC 2018

On 14 February 2018 at 16:34, Matt Caswell <matt at openssl.org> wrote:

> On 14/02/18 16:27, Richard Moore wrote:
> > If I run the following:
> >
> >  openssl-1.1.1pre1 ciphers -tls1_3 -v
> The man page says this about the "-tls1_3" option:
> "In combination with the B<-s> option, list the ciphers which would be
> used if TLSv1.3 were negotiated."
> So you need to add "-s". If you do that then you only get the TLSv1.3
> ciphers. It's a little strange that the option is ignored if no -s is
> supplied (you might think supplying -tls1_3 would automatically imply
> -s). But that is the way that all the -tls* options work, so this is
> nothing new in 1.1.1.

​I see thanks. That's very confusing, but yeah it seems to be there since
1.1.0. How would you feel about that being the default? I'm a little bit
unclear about what the point of the option is otherwise?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180214/d9f4299e/attachment.html>

More information about the openssl-users mailing list