TLS 1.2 and TLS1.3 extensions supported by nginx

preetham g preetham.1si12is030 at gmail.com
Fri Apr 21 11:50:51 UTC 2023 

Hi Team,

Can you please look into the below request about the TLS extensions? At
least need a confirmation about whether the below ones are supported by
Nginx or not. Please consider this a high priority.

encrypt_then_mac (0x0016)
use_srtp (0x000E)
certificate_authorities
post_handshake_auth

Thanks and regards
Preetham


On Wed, Apr 19, 2023 at 6:04 PM preetham g <preetham.1si12is030 at gmail.com>
wrote:

> If the extensive list is not available here are the specific extensions
> currently I'm looking for :
>
> TLS 1.2
>
> | signed_certificate_timestamp, or sct (0x0012)  | [RFC6962]          |
> | encrypt_then_mac (0x0016)                              | [RFC7366]
>    |
> | status_request (0x0005)                                    | [RFC6066]
>        |
> | use_srtp (0x000E)                                              |
> [RFC5764]          |
> | padding (0x0015)                                               |
> [RFC7685]          |
> | record_size_limit (0x001C)                                | [RFC8449]
>        |
> | trusted_ca_keys (0x0003)                                  | [RFC6066]
>        |
> | user_mapping (0x0006)                                     | [RFC4681]
>        |
> | srp (0x000C)                                                      |
> [RFC5054]          |
> | status_request_v2 (0x0011)                               | [RFC6961]
>      |
> | session_ticket (0x0023)                                     | [RFC5077]
> [RFC8447]|
>
>
> TLS 1.3
>
>
> | signed_certificate_timestamp                  | [RFC6962] |
> | status_request (0x0005)                          | [RFC6066] |
> | use_srtp (0x000E)                                   | [RFC5764] |
> | padding (0x0015)                                    | [RFC7685] |
> | record_size_limit (0x001C)                     | [RFC8449] |
> | pre_shared_key (0x0029)                       | [RFC8446] |
> | psk_key_exchange_modes (0x002D)     | [RFC8446] |
> | certificate_authorities (0x002F)               | [RFC8446] |
> | oid_filters (0x0030)                                  | [RFC8446] |
> | post_handshake_auth (0x0031)              | [RFC8446] |
>
> Thanks and Regards
> Preetham
>
> On Wed, Apr 19, 2023 at 5:32 PM preetham g <preetham.1si12is030 at gmail.com>
> wrote:
>
>> Hi Team,
>>
>> I wanted the list of the TLS 1.2 and TLS 1.3 extensions that are
>> currently being supported by the Nginx. Can you please provide the same.
>>
>> Regards
>> Preetham
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230421/a96d644b/attachment.htm>

More information about the nginx mailing list