Hi, As you probably noticed I've been working on TLS 1.3 support, building on Chris's work in BZ 62748.
The current status is the Tomcat Native 1.2.x and Tomcat 9.0.x support TLSv1.3 in any of the following combinations: - NIO[2]+JSSE on Java 11 - NIO[2]+OpenSSL on Java 8 onwards - APR/Native on Java 8 onwards All combinations support server initiated requests for client certificates apart from NIO[2]+JSSE on Java 11 as the Java 11 TLSv1.3 implementation does not include post handshake authentication. I have made quite a few changes to the Native code to support this. My plan going forwards is as follows: - give folks until early next week to review the native changes - tag 1.2.18 early next week - hopefully release 1.2.18 late next week - update 9.0.x to require 1.2.18 or later - tag / release 9.0.x Alongside the above, I'll be backporting the TLSv1.3 support to 8.5.x and 9.0.x. Thoughts, comments and especially code reviews welcome. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
