Handshake failure: TLSv1.3 early data?

Angus Robertson - Magenta Systems Ltd angus at magsys.co.uk
Mon Mar 23 11:10:00 UTC 2020

My public web servers shows several handshake failures daily due to
'TLSv1.3 early data', sometimes after a previous successful TLSv1.3
connection, but not always. 

I'm not currently attempting to handle any early data, I thought it was
disabled by default.  

Is there something I should be doing like using
SSL_CTX_set_allow_early_data_cb() to reject the early data?  Or setting
SSL_CTX_set_recv_max_early_data() to zero?

Maybe these errors are the result of bad client implementations and I
should just ignore them.  

Like all public servers, there are thousands of hacking attempts daily,
and other silly accesses, like why would anyone want to negotiate
protocol 0x0103 while also sending the EC Group extension?  


More information about the openssl-users mailing list