On 14 February 2018 at 16:34, Matt Caswell <m...@openssl.org> wrote: > > > On 14/02/18 16:27, Richard Moore wrote: > > If I run the following: > > > > openssl-1.1.1pre1 ciphers -tls1_3 -v > > The man page says this about the "-tls1_3" option: > > "In combination with the B<-s> option, list the ciphers which would be > used if TLSv1.3 were negotiated." > > So you need to add "-s". If you do that then you only get the TLSv1.3 > ciphers. It's a little strange that the option is ignored if no -s is > supplied (you might think supplying -tls1_3 would automatically imply > -s). But that is the way that all the -tls* options work, so this is > nothing new in 1.1.1. >
I see thanks. That's very confusing, but yeah it seems to be there since 1.1.0. How would you feel about that being the default? I'm a little bit unclear about what the point of the option is otherwise? Thanks Rich.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
