Removing Extensions from Client Hello Header

Matt Caswell matt at openssl.org
Mon Nov 11 22:33:36 UTC 2019



On 11/11/2019 20:51, Phil Neumiller wrote:
>     Extension: ec_point_formats (len=4)
>         Type: ec_point_formats (11)
>         Length: 4
>         EC point formats Length: 3
>         Elliptic curves point formats (3)
>             EC point format: uncompressed (0)
>             EC point format: ansiX962_compressed_prime (1)
>             EC point format: ansiX962_compressed_char2 (2)

>     Extension: session_ticket (len=0)
>         Type: session_ticket (35)
>         Length: 0
>         Data (0 bytes)
>     Extension: encrypt_then_mac (len=0)
>         Type: encrypt_then_mac (22)
>         Length: 0
>     Extension: extended_master_secret (len=0)
>         Type: extended_master_secret (23)
>         Length: 0


You don't need these four for TLSv1.3.

SSL_OP_NO_TICKET will turn off session_ticket.
SSL_OP_NO_ENCRYPT_THEN_MAC will turn off encrypt_then_mac.
SSL_OP_NO_EXTENDED_MASTER_SECRET will turn off extended_master_secret.

Don't switch off encrypt-then-mac or extended-master-secret unless you
*really* need to. They don't do anything in TLSv1.3 but if you ever
ended up negotiating TLSv1.2 by mistake for some reason then switching
these things off has security consequences.

I think the only way to get rid of ec_point_formats would be to disable
EC from being used completely. But, you need EC to be enabled in order
to use TLSv1.3 (at least in 1.1.1 - in master it's different). So I don't
think you can get rid of this extension.

But I'd really look at why your hardware is failing when these
extensions are present. Is it intolerant of one particular extension? If
so I'd just disable that one.


Matt
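As an added example (not from Matt's reply or the OpenSSL project), the script below makes the local OpenSSL build emit its real ClientHello into a MemoryBIO, lists the extensions the way the quoted Wireshark dump does, and shows that SSL_OP_NO_TICKET drops only session_ticket; the placeholder hostname and the small extension-name table are assumptions of the example.

```python
import ssl

# Extension numbers from the quoted dump plus a few others OpenSSL clients
# usually send (IANA TLS ExtensionType registry values; table is an assumption).
EXT_NAMES = {
    0: "server_name", 10: "supported_groups", 11: "ec_point_formats",
    13: "signature_algorithms", 22: "encrypt_then_mac",
    23: "extended_master_secret", 35: "session_ticket",
    43: "supported_versions", 45: "psk_key_exchange_modes", 51: "key_share",
}

def client_hello_bytes(no_ticket=False, server_hostname="example.invalid"):
    """Run the handshake against a MemoryBIO so the library's ClientHello lands
    in the outgoing buffer instead of on a socket (works offline)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    if no_ticket:
        ctx.options |= ssl.OP_NO_TICKET   # the same flag as SSL_OP_NO_TICKET in C
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    sslobj = ctx.wrap_bio(incoming, outgoing, server_hostname=server_hostname)
    try:
        sslobj.do_handshake()             # no ServerHello yet -> WantRead
    except ssl.SSLWantReadError:
        pass
    return outgoing.read()

def parse_extensions(record):
    """Walk record -> Handshake -> ClientHello; return [(type, name, data_len)]."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello handshake record")
    p = 5 + 4                       # record header (5) + handshake header (4)
    p += 2 + 32                     # legacy_version + random
    p += 1 + record[p]              # legacy_session_id
    p += 2 + int.from_bytes(record[p:p + 2], "big")   # cipher_suites
    p += 1 + record[p]              # legacy_compression_methods
    end = p + 2 + int.from_bytes(record[p:p + 2], "big")
    p, exts = p + 2, []
    while p < end:
        etype = int.from_bytes(record[p:p + 2], "big")
        elen = int.from_bytes(record[p + 2:p + 4], "big")
        exts.append((etype, EXT_NAMES.get(etype, f"unknown_{etype}"), elen))
        p += 4 + elen
    if p != end or end != len(record):
        raise ValueError("extension lengths do not add up")
    return exts

def extension_types(no_ticket=False):
    return {t for t, _, _ in parse_extensions(client_hello_bytes(no_ticket))}

if __name__ == "__main__":
    for t, name, ln in parse_extensions(client_hello_bytes()):
        print(f"Extension: {name} ({t}), len={ln}")
    print("gone with OP_NO_TICKET:", extension_types() - extension_types(True))
```

Run it against a TLSv1.3-only context (`ctx.minimum_version = ssl.TLSVersion.TLSv1_3`) and the same TLSv1.2-era extensions still appear, which is the behaviour the reply describes.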
