On Sun, Apr 29, 2018 at 12:43:26PM +0200, Kurt Roeckx wrote:
> We are considering if we should enable TLS 1.3 by default or not,
> or when it should be enabled. For that, we would like to know how
> applications behave with the latest beta release.

It looks like a couple of TLS 1.3 changes result in breaking functionality for various EAP methods that are based on TLS unless significant changes in both the EAP method definition and implementations are done before enabling the new TLS version. This seems to have an impact on at least EAP-TLS, EAP-PEAP, EAP-TTLS, and EAP-FAST.

As far as wpa_supplicant (EAP peer) and hostapd (EAP server) implementations are concerned, I've prepared changes to make EAP-TLS work with TLS 1.3, but the other EAP methods are still failing for various known (and to some extent, unknown) issues. Anyway, I'm currently explicitly disabling TLS 1.3 support with OpenSSL by default in these applications due to these issues and the expected interoperability issues, and as such, the OpenSSL 1.1.1 release default behavior regarding TLS 1.3 support should not have an impact on these applications. That said, other EAP implementations may want to do something similar or face the possibility of breaking functionality if OpenSSL 1.1.1 does go out with TLS 1.3 enabled by default and both ends of the EAP connection have TLS 1.3 enabled.

--
Jouni Malinen                                            PGP id EFC895FA

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
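
For implementers who follow the approach described in the message above and cap their TLS stack below 1.3, the following added example (not code from the post, wpa_supplicant, or hostapd) checks that the cap really takes effect on the wire. It uses Python's `ssl` module, which wraps OpenSSL, to capture the ClientHello a context would send and parse its `supported_versions` extension; the host name `eap.example` is a constructed placeholder.

```python
import ssl
import struct

TLS13 = 0x0304               # wire value for TLS 1.3
EXT_SUPPORTED_VERSIONS = 43  # extension that advertises TLS 1.3

def client_hello(max_version):
    """Return the raw ClientHello record a client capped at max_version sends."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # no handshake completes in this check
    ctx.maximum_version = max_version
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # "eap.example" is a constructed name; nothing is sent over a network.
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname="eap.example")
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: ClientHello written, now waiting for a ServerHello
    return outgoing.read()

def offered_versions(record):
    """Return the versions listed in supported_versions, or [] if absent."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake record carrying a ClientHello")
    pos = 5 + 4 + 2 + 32   # record hdr, handshake hdr, legacy_version, random
    pos += 1 + record[pos]                               # session_id
    pos += 2 + struct.unpack_from("!H", record, pos)[0]  # cipher_suites
    pos += 1 + record[pos]                               # compression_methods
    if pos + 2 > len(record):
        return []          # ClientHello without any extensions
    end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", record, pos)
        pos += 4
        if ext_type == EXT_SUPPORTED_VERSIONS:
            n = record[pos]  # byte length of the version list
            return [struct.unpack_from("!H", record, pos + 1 + i)[0]
                    for i in range(0, n, 2)]
        pos += ext_len
    return []

if __name__ == "__main__":
    capped = offered_versions(client_hello(ssl.TLSVersion.TLSv1_2))
    print("TLS 1.3 offered after capping at TLS 1.2:", TLS13 in capped)
```

If the peer never sees TLS 1.3 in the ClientHello it cannot negotiate it, which is the condition the message relies on when only one end of the EAP connection has been capped.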