Open SiyiJia opened 3 years ago
Windows side: the tls 1.3 is not available in all windows version, to keep track please refere to the link:
https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-
Seems that it was supported in Windows 10 20h1 for testing purpose only and disabled (?!) in windows 10 20h2.
Anyway the flag to enable tls 1.3 is still not officially documented in the windows api (https://docs.microsoft.com/en-us/windows/win32/winhttp/option-flags?redirectedfrom=MSDN) but it should be:
# define WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_3 0x00002000
Please mind that supporting TLS 1.3 is still not official.
see https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-server-2022
I tried modify curl schannel code to download using tls 1.3 without success (with windows server 2022 - 21H2 Build 20339.2 Windows insider) https://github.com/curl/curl/discussions/6958
But under Windows 2022 - 21H2 I was able to get a tls 1.3 response with a wininet api (test with https://tls13.akamai.io/ )
Microsoft Windows11 / Windows 2k22 server are supporting TLS1.3. Is there any plan to support TLS1.3 now?
Microsoft also work on quic https://en.wikipedia.org/wiki/MsQuic https://github.com/microsoft/msquic
I understand Casablanca has supported both TLS 1.1 and TLS1.2 since version 2.10. As the codes described below, it enables TLS 1.1 and 1.2 via
WINHTTP_OPTION_SECURE_PROTOCOLS
.My question is, does Casablanca plan to support TLS 1.3 on both Windows and Linux? Are there any suggestions if I want to enable TLS 1.3? I tried adding
WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_3
into the protocol list but failed to achieve it.