Hi,

the manpage for the --secure-protocol option states this:

"Specifying SSLv2, SSLv3, TLSv1, TLSv1_1, TLSv1_2 or TLSv1_3 forces the
use of the corresponding protocol."

In reality, when you specify let's say --secure-protocol=TLSv1_2, wget
sends a request to use this protocol AND all higher versions. So in the
negotiation packet, we can see TLSv1_2 and TLSv1_3. In gnutls.c, in
set_prio_default, this is exactly as described, though the description
is confusing then. Maybe it should state that it will force the use of
the corresponding protocol and any higher version, or something like that.

On a related note - is there a way to force wget to use just the one
requested protocol? TLSv1_2 for instance? In case there is broken
support for TLSv1_3 for some reason?

Thanks and regards,

Michal Ruprich
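
One way to check from a captured ClientHello which versions a client offers, as the message describes seeing in the negotiation packet (an added example, not part of the original message and not wget's code). The function names are hypothetical, and the records are constructed sample input built by `build_client_hello`, not real captures; the parser assumes one record holding only the ClientHello.

```python
import struct

NAMES = {0x0300: "SSLv3", 0x0301: "TLSv1", 0x0302: "TLSv1_1",
         0x0303: "TLSv1_2", 0x0304: "TLSv1_3"}
SUPPORTED_VERSIONS = 43  # extension type, RFC 8446 section 4.2.1


def build_client_hello(versions):
    """Construct a minimal ClientHello record (sample input, not a capture)."""
    vlist = b"".join(struct.pack("!H", v) for v in versions)
    ext = bytes([len(vlist)]) + vlist
    exts = struct.pack("!HH", SUPPORTED_VERSIONS, len(ext)) + ext
    body = (b"\x03\x03" + bytes(32)      # legacy_version, random
            + b"\x00"                    # empty session_id
            + b"\x00\x02\x13\x01"        # one cipher suite
            + b"\x01\x00"                # null compression only
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


def offered_versions(record):
    """Return the version names a ClientHello offers, in wire order."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    try:
        pos = 9                          # past record and handshake headers
        legacy = struct.unpack_from("!H", record, pos)[0]
        pos += 2 + 32                    # legacy_version, random
        pos += 1 + record[pos]           # session_id
        pos += 2 + struct.unpack_from("!H", record, pos)[0]  # cipher_suites
        pos += 1 + record[pos]           # compression_methods
        found = [legacy]                 # fallback: no supported_versions
        pos += 2 if pos < len(record) else 0   # extensions length field
        while pos + 4 <= len(record):
            etype, elen = struct.unpack_from("!HH", record, pos)
            pos += 4
            if etype == SUPPORTED_VERSIONS:
                count = record[pos] // 2
                found = list(struct.unpack_from("!%dH" % count, record, pos + 1))
            pos += elen
    except (struct.error, IndexError):
        raise ValueError("truncated ClientHello")
    return [NAMES.get(v, hex(v)) for v in found]


def only_offers(record, name):
    """True when the client offers exactly one version, the one named."""
    return offered_versions(record) == [name]
```
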


