Implement TLS 1.3

Question

Implement TLS 1.3

Opened this issue 5 years ago · 3 comments

According to the SSL test, Sailfish Browser does not support TLS 1.3. Some sites support only TLS 1.3, and this leads to a connection error.

Answer 1 · 2019-09-26T20:09:15.000Z

Just for some related background, it looks like TLS 1.3 was first added to NSS 3.29 (FF 53) but not turned on by default (due to compatibility issues) until FF 60. Sailfish Browser appears to be on NSS 3.21 (ESR 45), so no support for TLS 1.3.

Mozilla has a useful page with info about TLS 1.3 and also runs a test page.

Answer 2 · 2019-09-27T06:02:04.000Z

We build xulrunner (gecko) against system nss that is at the moment 3.39. So if there's some build flags missing / not enabled and it ok to enable we should fix those.

Answer 3 · 2021-09-04T14:32:58.000Z

https://browserleaks.com/ssl now says Sailfish supports TLS 1.3, so this seems to be fixed (since the browser got rebased on Gecko 60).