On 14 February 2018 at 16:34, Matt Caswell <matt@xxxxxxxxxxx> wrote:
On 14/02/18 16:27, Richard Moore wrote:
> If I run the following:
>
> openssl-1.1.1pre1 ciphers -tls1_3 -v
The man page says this about the "-tls1_3" option:
"In combination with the B<-s> option, list the ciphers which would be
used if TLSv1.3 were negotiated."
So you need to add "-s". If you do that then you only get the TLSv1.3
ciphers. It's a little strange that the option is ignored if no -s is
supplied (you might think supplying -tls1_3 would automatically imply
-s). But that is the way that all the -tls* options work, so this is
nothing new in 1.1.1.
I see thanks. That's very confusing, but yeah it seems to be there since 1.1.0. How would you feel about that being the default? I'm a little bit unclear about what the point of the option is otherwise?
Thanks
Rich.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
