+1! for backporting
> On Sep 3, 2018, at 5:17 AM, Stefan Eissing <stefan.eiss...@greenbytes.de>
> wrote:
>
> Dear SSL care takers and stake holders,
>
> trunk has TLSv1.3 support for some time. I just now changed the 'all'
> SSLProtocol selection, so that it does not include TLSv1.3. This means that
> in order to enable it, admins must add an explicit '+TLSv1.3' to their config
> (same for SSLProxyProtocl of course).
>
> With this, the added support is really an opt-in and we could backport it to
> 2.4.x, if we want. We have been burned with backporting SSL features just
> recently (by my mistake), so I would understand that people feel a bit
> reluctant here. On the other hand, there is certainly interest by users.
>
> So, what is your opinion?
>
> Cheers,
>
> Stefan
>
> PS. There are some combinations in renegotiation/client certs that are not
> tested well. Therefore, '+TLSv1.3' should be tagged as 'experimental' or at
> least with a heavy caveat for those setups. But I see no issue with using it
> for plain-vanilla https: setups.