[gnutls-devel] GnuTLS | gnutls-serv and gnutls-client fail with "Detected downgrade to TLS 1.2 from TLS 1.3" (#837)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sun Oct 20 19:47:32 CEST 2019




Peter Wu commented:


It appears that developers can mess up their implementations and hard-code the priority string `NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3`, resulting in advertising TLS 1.2, TLS 1.3 in the supported_versions extension, see https://github.com/systemd/systemd/issues/13528

I cannot think of a secure use case where you want to support both TLS 1.2 and 1.3, but prefer TLS 1.2. And clearly, GnuTLS cannot handle spec-compliant servers that end up agreeing TLS 1.2 and send a downgrade signal (see the previous systemd issue). So what about always advertising TLS 1.3 before 1.2, regardless of the priority string?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/837#note_232986603
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191020/76ef7aed/attachment.html>


More information about the Gnutls-devel mailing list