Re: TLSv1.3 supprt for 2.4.x?
On Tue, Sep 18, 2018 at 4:08 PM Joe Orton <jorton@xxxxxxxxxx> wrote:
> As of r1841219 I think the tlsv1.3-for-2.4.x is ready for merging...
Thanks Joe for the hard work!
> A BIG caveat remains around Post-Handshake Auth. With the current Perl
> stack (including whatever adjustments for OpenSSL 1.1.1 already
> required) the failures I get with the test suite and that branch are
> significant, because PHA is NOT enabled by default client-side and a
> bunch of the tests rely on that.
Does it work for mod_proxy auth with a httpd backend, both in TLS 1.3?
I wonder because PHA isn't enabled on mod_proxy either, IIUC.
Will test but possibly you did it already.
> I don't understand the logic behind disabling PHA by default, and I
> think it's a serious error, but I am not optimistic that the decision
> will be reversed.
It's completely incomprehensible I guess...