Nothing important, but just wondering what’s the current status of TLS1.3 support.
So I downloaded openssl 1.1.1 from their git repo, compiled and installed.
[email protected]:~$ openssl version
OpenSSL 1.1.1-pre7-dev xx XXX xxxx
[email protected]:~$ openssl s_client -tls1_3 -connect tls13.cloudflare.com:443 -crlf
140605700010432:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl/record/rec_layer_s3.c:1570:SSL alert number 70
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 244 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Protocol : TLSv1.3
Cipher : 0000
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1525828767
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Obviously this is total beta on both sides, so no complaints. Just wondering when people will think things will settle down and standardize now that they finalized the draft. Personally, I’m just looking forward to improved security, but IRL I know I’m probably going to be stuck with clients still using TLS1.0.