disable TLS 1.3?

[semik]

Disable TLS 1.3 in configuration file passed to eapol_test until it's usage is standartized.

https://github.com/FreeRADIUS/freeradius-server/issues/2385#issuecomment-454253254

[jolly-jump]

Hi. What is the status of TLS 1.3 ? I can't find enough information as to when it should be standardized. This seems to trickle down to freeradius (https://github.com/FreeRADIUS/freeradius-server/issues/2385) where the issue was closed due to being tracked elsewhere (here?). And from freeradius seemingly not being able to support TLS 1.3 it annoys users of Windows 11 22H2 which get TLS 1.3 by default: https://www.reddit.com/r/Windows11/comments/xoqz76/windows_11_22h2_cant_connect_to_enterprise_wifi/

Normally, I wouldn't give a damn about Windows, but just asking the users to pin their installations down to TLS 1.2 seems even to me the wrong kind of advice.

Is TLS 1.3 not supported by freeradius? Is TLS 1.3 standardized by now? Is pinning down to 1.2 the only solution in Windows?

Any hints? Thanks!

[jolly-jump]

Maybe, this comment answers at least my first question: https://github.com/FreeRADIUS/freeradius-server/issues/4124#issuecomment-1139587437 "If you need TLS 1.3, use 3.2.0."