[openssl-users] Openssl 1.1 / TLS 1.3
Richard Moore
richmoore44 at gmail.com
Wed Feb 14 17:28:34 UTC 2018
On 14 February 2018 at 16:34, Matt Caswell <matt at openssl.org> wrote:
>
>
> On 14/02/18 16:27, Richard Moore wrote:
> > If I run the following:
> >
> > openssl-1.1.1pre1 ciphers -tls1_3 -v
>
> The man page says this about the "-tls1_3" option:
>
> "In combination with the B<-s> option, list the ciphers which would be
> used if TLSv1.3 were negotiated."
>
> So you need to add "-s". If you do that then you only get the TLSv1.3
> ciphers. It's a little strange that the option is ignored if no -s is
> supplied (you might think supplying -tls1_3 would automatically imply
> -s). But that is the way that all the -tls* options work, so this is
> nothing new in 1.1.1.
>
I see thanks. That's very confusing, but yeah it seems to be there since
1.1.0. How would you feel about that being the default? I'm a little bit
unclear about what the point of the option is otherwise?
Thanks
Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180214/d9f4299e/attachment.html>
More information about the openssl-users
mailing list