Hi, I didn't know TLS 1.3 was out, thought it was next year before we'd see it. What are some advantages of 1.3? Thanks. Dave. On 3/28/18, Stefan Eissing <stefan.eissing@xxxxxxxxxxxxx> wrote: > Glad you asked: I just committed r1827912 into trunk that adds support for > TLSv1.3 when linking against OpenSSL v.1.1.1-pre3. This does allow TLSv1.3 > clients to talk that version to the server, but it will not enable any fancy > early data or such. There is more support needed in the server to protect > against replay attacks etc. > > Maybe some people who link against other SSL libraries want to have a look > and see what needs changing to work with those. Libressl is the most famous > for requiring special attention here. > > One the change seems ok, I'll propose it for backport into the next 2.4.x > release. > > Cheers, > > Stefan > >> Am 28.03.2018 um 08:58 schrieb @lbutlr <kremels@xxxxxxxxx>: >> >> Now that TLS 1.3 has been approved, what is the status of using it with >> Apache? Last I heard apache 2.4 couldn't build agains openssl 1.1, but >> that was a year ago. >> >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|