On Thu, 18 Oct 2018, Robert Moskowitz wrote: > > > On 10/18/18 4:14 PM, Johnny Hughes wrote: >> On 10/18/2018 12:36 PM, Walter H. wrote: >>> On 18.10.2018 00:08, Johnny Hughes wrote: >>>> The bottom line .. we don't make the decision whether or not to use >>>> systemd or not. We rebuild RHEL source code. >>> will there come a CentOS 6.11 which will be capable of TLS1.3 or HTTP/2? >>> I'm sure there will come a CentOS 8, but when is it probable to be >>> released? >>> >> We have no idea .. we don't design what is in CentOS. If Red Hat adds >> those things to RHEL-6 then we will put them in CentOS .. If they don't >> we won't. > > And for example, if RH does not backport openSSL 1.1.1, you will not get > EDDSA certificate support for TLS 1.3. Now you might not care about this > for your servers and just continue to use ECDSA certs. Clients will > increasingly encounter EDDSA certs and it will be interesting to see how this > is handled in older clients. We have had years to spread support for ECDSA > before it started appearing from servers. May not for EDDSA. I am under the impression that TLSv1.3 support appeared in 1.1.1 so I don't believe that you could do any TLS 1.3 with prior versions. https://wiki.openssl.org/index.php/TLS1.3 Barry