René Meusel
Mhh, the boost version on CI doesn't seem to be recent enough for this example. I'll look into that later.
Let me dig this up again. The actual example that was initially part of this PR is already merged in #3901. This now just reduces this example by introducing a...
FWIW: We tested this with OpenSSL 3.2.0 and it works with both TLS 1.2 and 1.3. Botan TLS policy: ``` allow_tls13 = true allow_tls12 = true allow_dtls10 = false allow_dtls12...
Those cases don't result in a successful handshake. OpenSSL doesn't seem to offer the groups cross-version. Perhaps we should also try with OpenSSL as the server. Whether they accept TLS...
> By not successful do you mean the handshake ends up using P256? Or an alert occurs?

In my particular example, it failed with "no common group". But I configured...
> Perhaps we should also try with OpenSSL as the server.

Turns out that an OpenSSL server won't negotiate a connection with TLS 1.3 and the legacy code points either....
> For the user, the only selection he should make is between the three brainpool*r1 -- in policy files as well as programmatically.

Yeah, I agree, that would be great...
The more I look at that, the worse it gets, frankly. Handling all the edge cases properly requires special stuff in several locations of the code base. Those special cases...
I force pushed the changes here, to:

1. take advantage of the changes in #3869
2. squash and clean up the history
Rebased to (latest) `master` after #3888.