tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 62748] Add support for TLS 1.3 (RFC 8446)
Date Wed, 10 Oct 2018 15:07:56 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=62748

--- Comment #23 from Christopher Schultz <chris@christopherschultz.net> ---
(In reply to Rainer Jung from comment #21)
> (In reply to Christopher Schultz from comment #17)
> > A quick test with Firefox 62 and Chrome 69 shows that they are still
> > connecting using TLSv1.2.
> 
> Both are expected to implement the final 1.3 in the next version (Firefox
> 63, Chrome 70). I think the current version can not successfully handshake
> with a final 1.3 impl due to a draft protocol version they use, so the
> protocol version numbers don't match.

Thanks for that clarification. It's shocking that Java is ahead of the curve on
this one.

On the other hand, ff can connect to mail.google.com using TLSv1.3 and the
TLS_AES_128_GCM_SHA256 cipher suite, while Chrome uses QUIC and what appears to
be the same ciphersuite.

For ref:

Firefox 63:
https://blog.mozilla.org/security/2018/08/13/tls-1-3-published-in-firefox-today/
Chrome 70: https://www.chromium.org/Home/tls13

Looks like just a few days before both updates are scheduled to occur. I
haven't tried any of the betas.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message