The IESG has approved TLS protocol version 1.3 …
The area that was most controversial was around the inclusion of a 0-RTT mode that has different security properties than the rest of TLS.
IETF.org Announcement
HackerNews Discussion
I see that Caddy currently supports TLS 1.0, 1.1, and 1.2 … are plans for supporting 1.3 already in the works? Will 0-RTT mode be off by default? Someone on HackerNews wrote,
I hope embeddings like Nginx add a nice configuration interface like “enable_0rtt YES_I_UNDERSTAND_THIS_MIGHT_BE_INSANE;” or similar.
1 Like
matt
(Matt Holt)
March 25, 2018, 5:54am
2
We’re just waiting for Go to implement it in the standard library. When that happens, Caddy will get TLS 1.3, sure enough. Not sure yet about 0-RTT.
3 Likes
It looks like the GoLang request for TLS 1.3 is still open, unfortunately.
opened 03:28AM - 23 Jan 15 UTC
closed 08:45PM - 12 Nov 18 UTC
NeedsFix
FeatureRequest
FrozenDueToAge
See https://tools.ietf.org/html/draft-ietf-tls-tls13.
Coexistence of IPv4 and I… Pv6 harms the net package.
Coexistence of HTTP/1.x and HTTP/2 will harm the net/http package.
For now looks coexistence of TLS 1.2 and 1.3 won't harm the crypto/tls package.
How about a variety of compositions on HTTP over TLS over IP?
system
(system)
Closed
July 24, 2018, 3:46am
4
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.