deltachat-ios icon indicating copy to clipboard operation
deltachat-ios copied to clipboard

Published 20 hours ago verified publisher icon deltachat

TLS 1.3 support?

Open Simon-Laux opened this issue 2 years ago • 1 comments

was reported on the forum:

  • https://support.delta.chat/t/tls-1-3-support-on-ios/2239
  • https://support.delta.chat/t/does-delta-chat-support-tls-1-3/2231

Can we fix it or is it because we use system ssl or sth like that? Or do we just need to update openssl in DC core?

Simon-Laux avatar Sep 22 '22 17:09 Simon-Laux

cc @link2xt

r10s avatar Sep 22 '22 19:09 r10s

is this even an ios issue? also, not sure how practical only-tls-1.3 is, according to https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3 this looks like bleeding edge to me, probably at some point support will get better automatically? cc @link2xt

r10s avatar Dec 08 '22 15:12 r10s

In the end we use https://lib.rs/crates/native-tls which uses OpenSSL normally, but native implementation on macOS and Windows. New OpenSSL versions now have TLS 1.3 enabled by default, but generally speaking it is not supported yet. There is an upstream PR https://github.com/sfackler/rust-native-tls/pull/235 with some discussion.

link2xt avatar Dec 08 '22 16:12 link2xt

More direct upstream issue: https://github.com/sfackler/rust-native-tls/issues/140

link2xt avatar Dec 08 '22 16:12 link2xt

k, thanks for the information and the links. so that will probably fade in then.

currently, it seems not advisable to set up a server only supporting TLS 1.3.

closing this issue as there is nothing ios can do about it.

r10s avatar Dec 08 '22 17:12 r10s