Fail to negotiate tls13-draft-22 against with chrome 63. - Githubissues

cloudflare / tls-tris

crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.

Other

292 stars 50 forks source link

Fail to negotiate tls13-draft-22 against with chrome 63. #63

Closed phuslu closed 6 years ago

phuslu commented 6 years ago

Chrome 63 was shipped with tls13-draft-22 support [1], but seems that current tris cannot co-work with it.

My steps:

build out tris-localserver on commit https://github.com/cloudflare/tls-tris/commit/8db472667bf6426b18b528f0225fa58ec5e16a6f
set chrome://flags/#tls13-variant to Enabled (Experiment)
visit tris-localserver index page.

What I expect:

tris-localserver says tls13 works

What I get:

tris-localserver says tls12 works.

Meanwhile, the chrome://flags/#tls13-variant option is fine for gmail [2]

[1] https://www.ietf.org/mail-archive/web/tls/current/msg25168.html [2] https://inbox.google.com

phuslu commented 6 years ago

Invaild Case.

Chrome 63 TLS 1.3 Support means tls13Experiment1Version(0x7e01) in boringssl, not tls13Draft22Version(0x7f22)