Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

  OpenWrt has transitioned its default cryptographic library from wolfssl to mbedtls. This shift brings several changes and implications: 

  * Users should be aware that mbedtls 2.28 no longer supports TLS 1.3.
Am I reading this correctly? They switched to a different tls library that doesn't support TLS 1.3?


It's work in progress: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/ar...

Newer version have okay-ish support, I'd guess the next OpenWRT release will have it again.


By default, yes. But if you read the next paragraph:

"While mbedtls is now the default, users who have specific needs or preferences can still manually switch back to wolfssl or choose openssl."


I did read the next paragraph - I just didn't quote it because it wasn't relevant to my question. :-D


To be clear, this is for the router admin interface. Your day-to-day TLS3 browsing is unaffected.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: