lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Update TLS 1.3 documentation and add change log

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2023-03-14 16:46:22 +01:00
parent d120bd646c
commit 4d31496294
2 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog.d/tls13-server-version-negotiation.txt Normal file
View File

@ -0,0 +1,5 @@
Features
* Add support for server-side TLS version negotiation. If both TLS 1.2 and
TLS 1.3 protocols are enabled, the TLS server now selects TLS 1.2 or
TLS 1.3 depending on the capabilities and preferences of TLS clients.
Fixes #6867.

8
docs/architecture/tls13-support.md
View File

@ -86,17 +86,11 @@ Support description
- Supported versions: - Supported versions:
- TLS 1.2 and TLS 1.3 with version negotiation on the client side, not server - TLS 1.2 and TLS 1.3 with version negotiation on client and server side.
side.
- TLS 1.2 and TLS 1.3 can be enabled in the build independently of each - TLS 1.2 and TLS 1.3 can be enabled in the build independently of each
other. other.
- If both TLS 1.3 and TLS 1.2 are enabled at build time, only one of them can
be configured at runtime via `mbedtls_ssl_conf_{min,max}_tls_version` for a
server endpoint. Otherwise, `mbedtls_ssl_setup` will raise
`MBEDTLS_ERR_SSL_BAD_CONFIG` error.
- Compatibility with existing SSL/TLS build options: - Compatibility with existing SSL/TLS build options:
The TLS 1.3 implementation is compatible with nearly all TLS 1.2 The TLS 1.3 implementation is compatible with nearly all TLS 1.2