[Help-gnutls] Re: Default record version
simon at josefsson.org
Sun Feb 22 12:39:55 CET 2009
Martin von Gagern <Martin.vGagern at gmx.net> writes:
> Nikos Mavrogiannopoulos wrote:
>> The commit below adds a priority string called SSL3_RECORD_VERSION
>> that forces a compatibility mode where an SSL 3.0 record version is set
>> on the client hello. I have backported it to 2.6 branch as well.
> Pidgin is now using %SSL3_RECORD_VERSION, so I'm looking forward to the
> next releases to actually contain this feature. When will they happen?
The gnutls 2.7.x branch is in a pretty good state. The only thing I'm
aware of is that we should finish the TLS 1.2 implementation.
Alternatively, we could also disable the TLS 1.2 support until we have
finished the implementation.
(The current TLS 1.2 support is for an old TLS 1.2 draft which doesn't
interoperate with the final TLS 1.2...)
I don't think I will have time to look into this in the next few weeks
Also, this isn't a regression over GnuTLS 2.6.x which has the same
partial TLS 1.2 implementation. So we could also just document this
fact, and release now.
More information about the Gnutls-help