Re: [openssl-project] When to enable TLS 1.3

On Sat, Apr 28, 2018 at 04:32:42PM -0400, Viktor Dukhovni wrote: > > > > On Apr 28, 2018, at 2:41 PM, Kurt Roeckx wrote: > > > > So should I send that mail? > > I made some editorial changes to the Wiki section on SNI. > No strong views on sending the mail... So I've sent it.

Re: [openssl-project] When to enable TLS 1.3

In message <431270c5-3da3-4a9d-9292-12adc46cc...@dukhovni.org> on Sat, 21 Apr 2018 14:45:34 -0400, Viktor Dukhovni said: openssl-users> > We are considering if we should enable TLS 1.3 by default or not, openssl-users> > or when it should be enabled. For that, we

Re: [openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

On Thu, Apr 19, 2018 at 07:16:04PM -0400, Viktor Dukhovni wrote: > > * Something else? We could call for testing what really happens on -users? I could also send one to debian-devel-announce, we already have pre4 in experimental. Maybe we can convert the blog post into a wiki, update it to

Re: [openssl-project] When to enable TLS 1.3

In message on Thu, 19 Apr 2018 19:16:04 -0400, Viktor Dukhovni said: openssl-users> But not all the friction can be eliminated, and likely not openssl-users> all providers can be persuaded to be more accommodating.

Re: [openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

On Thu, Apr 19, 2018 at 07:16:04PM -0400, Viktor Dukhovni wrote: > > But not all the friction can be eliminated, and likely not > all providers can be persuaded to be more accommodating. > Which leaves us with some difficult judgement calls: > > * Restrict TLS 1.3 support to just applications

[openssl-project] When to enable TLS 1.3 (was: Google's SNI hurdle)

> On Apr 19, 2018, at 1:48 PM, Matt Caswell wrote: > >> I might suggest conditioning it on the compile-time version of OpenSSL >> headers. This is a common transition strategy for systems working >> through ABI constraints. (In some systems, this is implemented as some >>