jtamate added a comment.
What protocol does KTcpSocket::SecureProtocols implement (I can't guess it)? If it is the same as QSsl:SecureProtocols <http://doc.qt.io/qt-5/qssl.html> it does: On the client side, this will send a TLS 1.0 Client Hello, enabling TLSv1_0 and SSLv3 connections. On the server side, this will enable both SSLv3 and TLSv1_0 connections. Shouldn't it try with TLS 1.3 when available and fall back to TLS 1.2, but not lower (for security reason)? REPOSITORY R241 KIO REVISION DETAIL https://phabricator.kde.org/D16344 To: aacid Cc: jtamate, carewolf, dfaure, stikonas, kde-frameworks-devel, michaelh, ngraham, bruns
