From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 12 Feb 2021 14:14:37 +0000 (+0100)
Subject: Merge branch 'tls13'
X-Git-Tag: 5.9.2rc1~23
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=c7a0f2698d4dadd31b9d9d666cf807275b4d5d08

Merge branch 'tls13'

This adds support for TLS 1.3 to libtls and adds several new features to
existing TLS versions (e.g. support for x25519/x448, EdDSA or RSA-PSS).

Unfortunately, TLS 1.3 is not really usable for TLS-based EAP methods in
practice because, in particular, key derivation is not yet standardized.
While it works between two strongSwan instances and even FreeRADIUS 3.0.21,
there will be compatibility issues in the future when implementations move
to a standardized scheme.  There are currently two Internet-Drafts in
development to specify that (see 121ac4b9e37e for details).  Until they are
more stable, the default maximum version is set to 1.2.

The default minimum version has also been increased to 1.2 and several
older/weaker cipher suites have been removed (e.g. with 3DES and MD5).
---

c7a0f2698d4dadd31b9d9d666cf807275b4d5d08