[gnutls-devel] GnuTLS | gnutls-serv and gnutls-client fail with "Detected downgrade to TLS 1.2 from TLS 1.3" (#837)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sun Oct 20 19:47:32 CEST 2019

Peter Wu commented:

It appears that developers can mess up their implementations and hard-code the priority string `NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3`, resulting in advertising TLS 1.2, TLS 1.3 in the supported_versions extension, see https://github.com/systemd/systemd/issues/13528

I cannot think of a secure use case where you want to support both TLS 1.2 and 1.3, but prefer TLS 1.2. And clearly, GnuTLS cannot handle spec-compliant servers that end up agreeing TLS 1.2 and send a downgrade signal (see the previous systemd issue). So what about always advertising TLS 1.3 before 1.2, regardless of the priority string?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/837#note_232986603
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191020/76ef7aed/attachment.html>

More information about the Gnutls-devel mailing list