In the context of https://github.com/JKRhb/dtls2/pull/97, I noticed that the cipher suite PSK-AES128-CCM8 which is the minimum requirement for CoAPS according to RFC 7252, is not usable with OpenSSL 3.2 by default anymore. That is because the cipher suite only provides 128 bits of security, which now requires a security level of 0 (i.e., "Everything is permitted").
In the context of https://github.com/JKRhb/dtls2/pull/97, I noticed that the cipher suite
PSK-AES128-CCM8
which is the minimum requirement for CoAPS according to RFC 7252, is not usable with OpenSSL 3.2 by default anymore. That is because the cipher suite only provides 128 bits of security, which now requires a security level of 0 (i.e., "Everything is permitted").To deal with this, there should be a way to let users configure the security level. A helpful resource can be found here: https://www.openssl.org/docs/man3.2/man3/SSL_CTX_set_security_level.html