Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Next is TLS 1.3 support, hopefully :)

# openssl s_client -connect news.ycombinator .com:443 -tls1_3 CONNECTED(00000003) 4160736388:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl/record/rec_layer_s3.c:1562:SSL alert number 70 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 244 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported No ALPN negotiated Early data was not sent Verify return code: 0 (ok)



It was briefly turned on years ago and then turned off. I guess it broke the website for those behind corporate MITM boxes.


There's a lot of websites out there that does TLS 1.3. Surely not an issue for MITM boxes? Otherwise they wouldn't be able to access much...


Maybe that wasn't true years ago?


Should be able to support both. Client can negotiate between either TLS v1.2 and TLS v1.3. Server has to support 1.3 though.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: