How do I turn off EC point formats from showing up in TLS 1.3 client hello?

Matt Caswell matt at
Fri Nov 15 23:54:22 UTC 2019

On 15/11/2019 22:03, Phil Neumiller wrote:
> TLS 1.3 doesn't use EC point formats right?  I don't know why they are in my
> TLS 1.3 client hello.

No, its not used in TLSv1.3 but is used in TLSv1.2 or below. A
ClientHello is sent before version negotiation takes place so you don't
know what version will eventually be selected. Therefore, if EC is
enabled, this extension is always added regardless.

A possible improvement would be for OpenSSL to detect whether TLSv1.3 is
the only enabled protocol version on the client and disable it in those
circumstances. But it doesn't currently check this.

Currently the only way to disable this extension is to disable EC.
However that means (assuming you are using 1.1.1 instead of master) that
TLSv1.3 will not work since EC is required for the 1.1.1 TLSv1.3
support. In master that isn't the case so I guess it might be possible
there but I've not tried it.


More information about the openssl-users mailing list