On Tue, Sep 18, 2018 at 4:08 PM Joe Orton <jor...@redhat.com> wrote: > > As of r1841219 I think the tlsv1.3-for-2.4.x is ready for merging...
Thanks Joe for the hard work! > > A BIG caveat remains around Post-Handshake Auth. With the current Perl > stack (including whatever adjustments for OpenSSL 1.1.1 already > required) the failures I get with the test suite and that branch are > significant, because PHA is NOT enabled by default client-side and a > bunch of the tests rely on that. Does it work for mod_proxy auth with a httpd backend, both in TLS 1.3? I wonder because PHA isn't enabled on mod_proxy either, IIUC. Will test but possibly you did it already. > > I don't understand the logic behind disabling PHA by default, and I > think it's a serious error, but I am not optimistic that the decision > will be reversed. It's completely incomprehensible I guess... Regards, Yann.