Glad you asked: I just committed r1827912 into trunk that adds support for TLSv1.3 when linking against OpenSSL v.1.1.1-pre3. This does allow TLSv1.3 clients to talk that version to the server, but it will not enable any fancy early data or such. There is more support needed in the server to protect against replay attacks etc. Maybe some people who link against other SSL libraries want to have a look and see what needs changing to work with those. Libressl is the most famous for requiring special attention here. One the change seems ok, I'll propose it for backport into the next 2.4.x release. Cheers, Stefan > Am 28.03.2018 um 08:58 schrieb @lbutlr <kremels@xxxxxxxxx>: > > Now that TLS 1.3 has been approved, what is the status of using it with Apache? Last I heard apache 2.4 couldn't build agains openssl 1.1, but that was a year ago. > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|