Handshake failure: TLSv1.3 early data?
Matt Caswell
matt at openssl.org
Mon Mar 23 11:25:57 UTC 2020
On 23/03/2020 11:09, Angus Robertson - Magenta Systems Ltd wrote:
> My public web servers shows several handshake failures daily due to
> 'TLSv1.3 early data', sometimes after a previous successful TLSv1.3
> connection, but not always.
Do you have specific error messages?
>
> I'm not currently attempting to handle any early data, I thought it was
> disabled by default.
It is. You don't need to do anything to disable early data.
> Maybe these errors are the result of bad client implementations and I
> should just ignore them.
Possibly - but it would be good to see error messages.
Matt
>
> Like all public servers, there are thousands of hacking attempts daily,
> and other silly accesses, like why would anyone want to negotiate
> protocol 0x0103 while also sending the EC Group extension?
>
> Angus
>
More information about the openssl-users
mailing list