On Mon, Oct 16, 2023 at 02:40:37PM +0200, William Lallemand wrote: > On Fri, Oct 13, 2023 at 04:30:37PM +0200, William Lallemand wrote: > > > and TLSv1.3 is a must-have, > > > > I don't get this point, mbedtls supports TLS 1.3 so I don't really > > understand what they are talking about. Maybe they disable TLS 1.3 on > > the 2.28 version for some rease but I couldn't find any detail. > > > > > > Regarding this, I found in the changelog that mbedtls provides a minimum > viable implementation of the TLS 1.3 protocol starting from the 3.1.0 > version, so it explains everything. > > https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.1.0 > > Mbed TLS provides a minimum viable implementation of the TLS 1.3 > > protocol. See docs/architecture/tls13-support.md for the definition of > > the TLS 1.3 Minimum Viable Product (MVP). The MBEDTLS_SSL_PROTO_TLS1_3 > > configuration option controls the enablement of the support. The APIs > > mbedtls_ssl_conf_min_version() and mbedtls_ssl_conf_max_version() allow > > to select the 1.3 version of the protocol to establish a TLS connection. > > > >
Related to this discussion, I think that's a good example: https://github.com/wolfSSL/wolfssl/issues/6928 -- William Lallemand
