Closed tegk closed 4 years ago
Yes, time to add TLS 1.3
To do:
remove SSL 3 from example config, also remove TLS_FALLBACK_SCSV
form cipher suite list.
add TLS 1.3 support, and any new cipher options
Remove SSL 3 entirely, when built with Go 1.14 and higher.
Hmm, there's no easy way to "Remove SSL 3 entirely, when built with Go 1.14 and higher." Therefore, will leave it in for now & deprecate it, remove once it's actually removed from Go.
btw, TLS 1.3 adds some new ciphersuites, but these can't be configured. Assuming that they can be used with older TLS versions
Actually, may be able to just use the // +build !go1.14
build tag to "Remove SSL 3 entirely, when built with Go 1.14 and higher." afterall :-)
Another issue is that it seems like Travis CI broke for Go 1.10 and 1.9, will remove these from the tests.
Is it correct to assume that we do not support TLS 1.3 at the moment but do support ssl3.0?
config.go:127:1
Shall we remove ssl3.0 as it will be deprecated in Go 1.14 and is not secure? We also have to add TLS 1.3 :-)