Re: [openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

On Thu, Apr 19, 2018 at 07:16:04PM -0400, Viktor Dukhovni wrote: > > * Something else? We could call for testing what really happens on -users? I could also send one to debian-devel-announce, we already have pre4 in experimental. Maybe we can convert the blog post into a wiki, update it to

Re: [openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

On Thu, Apr 19, 2018 at 07:16:04PM -0400, Viktor Dukhovni wrote: > > But not all the friction can be eliminated, and likely not > all providers can be persuaded to be more accommodating. > Which leaves us with some difficult judgement calls: > > * Restrict TLS 1.3 support to just applications

[openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

> On Apr 19, 2018, at 1:48 PM, Matt Caswell wrote: > >> I might suggest conditioning it on the compile-time version of OpenSSL >> headers. This is a common transition strategy for systems working >> through ABI constraints. (In some systems, this is implemented as some >>