On Thu, Sep 13, 2018 at 08:13:41PM +0200, Jakob Bohm wrote: > On 13/09/2018 09:57, Klaus Keppler wrote: > > Hi, > > > > thank you for all your responses. > > > > I've just tested with Firefox Nightly 64.0a1, and both s_server and our > > own app (using OpenSSL 1.1.1-release) are working fine. > > > > The Firefox website is quite confusing: > > > > > Firefox 61 is already shipping draft-28, which is essentially the same as the final published version (just with a different version number). > > (https://blog.mozilla.org/security/2018/08/13/tls-1-3-published-in-firefox-today/) > > > > This is quite confusing, as it sounds better than it actually is. > > (so I've just learned that draft-28 is obviously incompatible with RFC8446) > > > > So thank you for your input, will now continue with OpenSSL 1.1.1. > > The rest will be only a matter of time. :D > > > > Best regards > > > > -Klaus > Would it be reasonable for 1.1.1a to add a transitional "bugs" bit (to be > removed again in a few years) to accept the draft version number of final > TLS 1.3, if the protocols are otherwise identical? Draft versions really should die as soon as possible. If we ever put it in a released version, it will still be in use in 10 years, which really isn't something we want. On the other hand, in a few weeks browsers will stop using those draft versions, so I really don't see the point. Kurt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
