On Fri, Oct 13, 2023 at 04:30:37PM +0200, William Lallemand wrote: > > and TLSv1.3 is a must-have, > > I don't get this point, mbedtls supports TLS 1.3 so I don't really > understand what they are talking about. Maybe they disable TLS 1.3 on > the 2.28 version for some rease but I couldn't find any detail. > >
Regarding this, I found in the changelog that mbedtls provides a minimum viable implementation of the TLS 1.3 protocol starting from the 3.1.0 version, so it explains everything. https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.1.0 > Mbed TLS provides a minimum viable implementation of the TLS 1.3 > protocol. See docs/architecture/tls13-support.md for the definition of > the TLS 1.3 Minimum Viable Product (MVP). The MBEDTLS_SSL_PROTO_TLS1_3 > configuration option controls the enablement of the support. The APIs > mbedtls_ssl_conf_min_version() and mbedtls_ssl_conf_max_version() allow > to select the 1.3 version of the protocol to establish a TLS connection. > -- William Lallemand