On 26/11/2018 20:04, Viktor Dukhovni wrote:
On Nov 26, 2018, at 11:33 AM, Jakob Bohm via openssl-users
wrote:
In TLS 1.2 and older it was an extension "Trusted CA Indication" (3),
defined in RFC6066 Chapter 6.
So I would suggest that any OpenSSL API to control that feature in
TLS 1.3 also aff
> On Nov 26, 2018, at 11:33 AM, Jakob Bohm via openssl-users
> wrote:
>
> In TLS 1.2 and older it was an extension "Trusted CA Indication" (3),
> defined in RFC6066 Chapter 6.
>
> So I would suggest that any OpenSSL API to control that feature in
> TLS 1.3 also affects the matching TLS < 1.3 fu
Hi,
The ability of a TLS client to optionally send a list of trusted
CAs to the TLS server is not new in TLS 1.3.
In TLS 1.2 and older it was an extension "Trusted CA Indication" (3),
defined in RFC6066 Chapter 6.
So I would suggest that any OpenSSL API to control that feature in
TLS 1.3 also a
