Gary E. Miller via devel <devel@ntpsec.org>: > > I'm debugging on OpenSSL 1.1.1a which supports TLS1.3 but is not > > widely deployed yet. > > For good reason. From their wiki: > > https://wiki.openssl.org/index.php/TLS1.3 > > "The OpenSSL git master branch (and the 1.1.1-pre9 beta version) > contain our development TLSv1.3 code which is based on the final > version of RFC8446 and can be used for testing purposes (i.e. it is > not for production use)." > > Note: "not for production use"
We probably can't ship with anything lower than 1.1.1b, anyway. Not
according to Martin Langer. And it's not out yet.
There are strategic reasons I don't have any problem saying we're not going to
support down-version libcrypto. I don't think Cisco will mind that, either.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
