> On Apr 15, 2018, at 2:24 AM, Bernd Edlinger <bernd.edlin...@hotmail.de> wrote:
> One possible example of application failure that I am aware of is #5743:
> A certificate that is incompatible with TLS1.3 but works with TLS1.2.
> Admittedly that I did come up with that scenario only because I saw
> a possible issue per code inspection.
[ Repeating in part my response to Richar's mesage also in this thread ]
This is a bug that needs to be fixed, the point format for TLS does not
have any provenance over X.509. There's no such thing as a certificate
not compatible with TLS 1.3 (that is compatible with TLS 1.2).
openssl-project mailing list