New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/tls: set TLSPlaintext.version to MinVersion #31104
Comments
Apologies for responding to #31079 before seeing this. I still don't see the compelling use case for this config option. I'm aware of no servers that require 0x0303 as the protocol version, which would be off-spec behavior. When we have the option to select a default that works for everyone, we always prefer it to exposing a config option and delegating the complexity and learning requirement to the application. |
In our use-case an IPS is blocking negotiation when attempted at <TLS1.2. Being a network appliance this decision is made by observing ClientHello and therefore even if I set MinVersion to 1.2 I'm getting blocked. Understand that the default works for most use-cases but there could be edge cases where a proper version in ClientHello is required. All modern browsers adhere to proper TLS versions, so far the only issue I had is with Golangs' TLS :( |
If the IPS is abusing
I don't know what you mean about browsers, but my Chrome instance sends 0x0301 as |
I would love that too. If MinVersion is not set then default to current behavior. |
Thanks @FiloSottile , |
Actually found an authoritative answer in RFC 8446, Section 5.1: the ClientHello record layer version may only be 0x0303 or 0x0301.
We already set it to 0x0301, so it looks like doing anything else would be off-spec. |
In its current state, the crypto/tls package does not allow an implementer to choose whether a TLS 1.2 client should present the same TLS version (0x0303) in either record and handshake layers of the ClientHello message.
The current default behavior just sets the version in the record layer to 1.0 to maintain compatibility with legacy/buggy TLS server implementations.
This problem is described in RFC 5246 Appendix E.1
This may apply to TLS 1.1 as well
@FiloSottile @bradfitz
The text was updated successfully, but these errors were encountered: