[Wierd. The copy in my archives has the full body; I do not know why there is no body on the mailing list. Here it is again. -JimC]
Attempts to post this at https://sourceforge.net/p/curl/bugs/new/ failed silently, so I'm writing here. Testing shows that when linked to nss, even a modern version of nss which can do TLS/1.1 and TLS/1.2, curl is unable to negotiate anything more recent that TLS/1.0. 1.1 and 1.2 work fine with openssl and gnutls, and with other nss-using apps. I'm not sure whether ad34a2d5c87 impacted this. I tested with nss-3.15.3. Note that this is not about trying to limit which tls version curl uses, but rather about negotiating the latest version the server supports and about negotiating with servers which only support 1.1 and/or 1.2. Feel free to use https://jhcloos.com/tls.php to test first of those two cases, but I currently lack a public TLS/1.2-only test-case to offer. -JimC -- James Cloos <[email protected]> OpenPGP: 1024D/ED7DAEA6 ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
