golang / go

The Go programming language
https://go.dev
BSD 3-Clause "New" or "Revised" License

crypto/tls: don't require Config to set MinVersion = TLS13 when using QUIC #63722

Open marten-seemann opened 9 months ago

marten-seemann commented 9 months ago

What version of Go are you using (go version)?

$ go version
go version go1.21.0 darwin/arm64

Does this issue reproduce with the latest release?

Yes

What did you do?

Using QUIC currently requires passing in a tls.Config that defines TLS 1.3 as its minimum TLS version. This makes it difficult to run a TLS/TCP and QUIC service using the same tls.Config, since the TLS/TCP service potentially doesn't want to limit the available TLS versions to TLS 1.3.

The workaround applied by quic-go at the moment is cloning the config and setting TLS 1.3, but this has various downsides, as described by @dneil in https://github.com/golang/go/issues/63691.

What did you expect to see?

crypto/tls knows when a Config is used for QUIC. Instead of requiring MinVersion to be set explicitly, it should treat any config as if this field was set to TLS 1.3.
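As an added illustration of the workaround the report describes (this is example code written for this page, not code from the issue, from crypto/tls, or from quic-go), the following builds one shared tls.Config for the TLS/TCP listener and derives the QUIC config from it by cloning and raising MinVersion to TLS 1.3. The helper names (quicTLSConfig, serverConfigs, selfSignedCert) and the throwaway certificate are assumptions made for the example; the tls.QUICServer and tls.QUICConfig calls are the real Go 1.21+ API.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// selfSignedCert builds a throwaway ECDSA certificate so the example runs
// offline. Constructed for this example only; it is not a real service identity.
func selfSignedCert() (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example.invalid"},
		DNSNames:     []string{"example.invalid"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// quicTLSConfig is the workaround from the issue: clone the shared config and
// raise MinVersion to TLS 1.3, which crypto/tls requires for QUIC. The shared
// config is left untouched so the TLS-over-TCP listener keeps its own floor.
func quicTLSConfig(shared *tls.Config) *tls.Config {
	c := shared.Clone()
	c.MinVersion = tls.VersionTLS13
	return c
}

// serverConfigs returns the pair of configs a dual TCP+QUIC server would hand
// to tls.NewListener and tls.QUICServer respectively (example helper).
func serverConfigs(cert tls.Certificate) (tcpCfg, quicCfg *tls.Config) {
	tcpCfg = &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS12, // TCP clients may still need TLS 1.2
		NextProtos:   []string{"h2", "http/1.1"},
	}
	quicCfg = quicTLSConfig(tcpCfg)
	quicCfg.NextProtos = []string{"h3"}
	return tcpCfg, quicCfg
}

func main() {
	cert, err := selfSignedCert()
	if err != nil {
		panic(err)
	}
	tcpCfg, quicCfg := serverConfigs(cert)
	// tls.QUICServer only records the config here; the MinVersion requirement
	// is enforced later, once the QUIC stack starts the handshake.
	_ = tls.QUICServer(&tls.QUICConfig{TLSConfig: quicCfg})
	fmt.Printf("tcp MinVersion=%#x quic MinVersion=%#x\n", tcpCfg.MinVersion, quicCfg.MinVersion)
}
```

Clone copies the Config's fields at the moment it is called, so anything set on the shared config afterwards (for instance appending another certificate) is not seen by the QUIC copy; that snapshot behaviour is one reason a clone is a weaker answer than crypto/tls applying the TLS 1.3 floor itself.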

gopherbot commented 9 months ago

Change https://go.dev/cl/537575 mentions this issue: crypto/tls: don't require Config.Minversion to be set when using QUIC

neild commented 9 months ago

This seems reasonable to me. There isn't any benefit I can see to forcing the user to set MinVersion, and implicitly upping it to 1.3 for QUIC connections lets the same Config be reused for QUIC and non-QUIC cases.