Update TLS 1.3 documentation and add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
d120bd646c
commit
4d31496294
2 changed files with 6 additions and 7 deletions
5
ChangeLog.d/tls13-server-version-negotiation.txt
Normal file
5
ChangeLog.d/tls13-server-version-negotiation.txt
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
Features
|
||||
* Add support for server-side TLS version negotiation. If both TLS 1.2 and
|
||||
TLS 1.3 protocols are enabled, the TLS server now selects TLS 1.2 or
|
||||
TLS 1.3 depending on the capabilities and preferences of TLS clients.
|
||||
Fixes #6867.
|
||||
|
|
@ -86,17 +86,11 @@ Support description
|
|||
|
||||
- Supported versions:
|
||||
|
||||
- TLS 1.2 and TLS 1.3 with version negotiation on the client side, not server
|
||||
side.
|
||||
- TLS 1.2 and TLS 1.3 with version negotiation on client and server side.
|
||||
|
||||
- TLS 1.2 and TLS 1.3 can be enabled in the build independently of each
|
||||
other.
|
||||
|
||||
- If both TLS 1.3 and TLS 1.2 are enabled at build time, only one of them can
|
||||
be configured at runtime via `mbedtls_ssl_conf_{min,max}_tls_version` for a
|
||||
server endpoint. Otherwise, `mbedtls_ssl_setup` will raise
|
||||
`MBEDTLS_ERR_SSL_BAD_CONFIG` error.
|
||||
|
||||
- Compatibility with existing SSL/TLS build options:
|
||||
|
||||
The TLS 1.3 implementation is compatible with nearly all TLS 1.2
|
||||
|
|
|
|||
Loading…
Reference in a new issue