[Cryptography] WireGuard
John-Mark Gurney
jmg at funkthat.com
Mon Sep 3 23:24:13 EDT 2018
Peter Gutmann wrote this message on Mon, Sep 03, 2018 at 20:05 +0000:
> John-Mark Gurney <jmg at funkthat.com> writes:
>
> >This means that the client has to know which servers support it and enforce
> >it, meaning that it cannot be deployed on standard websites for years...
>
> It's an extension negotiated between client and server, the client doesn't
> need to know whther the server supports it or not, and any server can deploy
> it right now.
Just for everyone's reference, OpenSSL v1.1.0 was the first version to
support Extended Master Secret. 1.0.2 does not have this support.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list