On 13/01/2018 04:22 μμ, Lukas Tribus wrote: > Hello, > > > On 13 January 2018 at 15:17, Pavlos Parissis <[email protected]> > wrote: >>> Not exactly, the moment you force a cipher list that does not include a >>> TLSv1.3 cipher in the server side (which has TLSv1.3 enabled) the TLS >>> handshake will break regardless of what is in the Client hello. >>> >> >> But, can we have TLSv3 enabled on server side and still accept TLSv2 >> sessions? > > Only if your cipher-list contains TLSv1.3 ciphers, otherwise nothing > will work (regardless of the TLS version). >
and all those ciphers are supported by all recent browsers, right ? > OpenSSL really goes the extra mile to make everyone's life miserable. > > Is this the result of the implementation or of the TLSv1.3 design ? Cheers, Pavlos
signature.asc
Description: OpenPGP digital signature
