💾 Archived View for rawtext.club › ~sloum › geminilist › 007547.gmi captured on 2023-09-28 at 16:19:34. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
Alex // nytpu alex at nytpu.com
Sun Nov 7 17:01:15 GMT 2021
- - - - - - - - - - - - - - - - - - -
As of late 2019 client-side TLS 1.3 for LibreSSL was implemented, whichI can confirm. Server support was completed by mid-to-late 2020 but 1.3support for their OpenSSL API clone wasn't finished yet.
Apparently in the latest LibreSSL release (3.4.1, October 14th) theycompleted their implementation of the OpenSSL TLS 1.3 API, which meansthat an up-to-date LibreSSL should have full support for TLS 1.3 throughall of their various APIs as of now---although I can't confirm it sinceI use LibreSSL very intermittently and usually just for testing ofcross-compilation to a BSD.
I've been using GnuTLS a little bit in Ada and it seems to support 1.3fine although my testing was at the absolute most basic level.According to various developer's blogs and the changelog GnuTLS got TLS1.3 support before the RFC draft was even finalized (even as far back as2016 when it was in an ultra-draft state), so one can feel pretty safein assuming that any broken functionality would've been fixed by now.
I don't have experience with any other TLS libraries, sorry.
---
Vaguely related question: prior to the specification being finalized, isthere any plan to ensure that support for future TLS versions to besupported implicitly? Something simple like "Clients MAY/MUST use TLS1.3 (or the latest TLS version should TLS 1.3 be deprecated)" would bebetter than being stuck at TLS 1.3 forever.
~nytpu
-- Alex // nytpualex at nytpu.comgpg --locate-external-key alex at nytpu.com-------------- next part --------------A non-text attachment was scrubbed...Name: signature.ascType: application/pgp-signatureSize: 833 bytesDesc: not availableURL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20211107/527baaca/attachment.sig>