[Git][NTPsec/ntpsec][master] Clean up OpenSSL 1.1.1 docs

[Matt Selsky]

Matt Selsky pushed to branch master at NTPsec / ntpsec


Commits:
5df11845 by Matt Selsky at 2020-04-22T17:00:53+00:00
Clean up OpenSSL 1.1.1 docs

- - - - -


2 changed files:

- INSTALL.adoc
- devel/nts.adoc


Changes:

=====================================
INSTALL.adoc
=====================================
@@ -17,7 +17,7 @@ There are some prerequisites.  Libraries need the binary installed
 to run and in addition, the development headers installed to build.
 
 We need pthreads (It's optional in POSIX)
-We need OpenSSL > 1.1.1a (1.1.1a has a fatal bug)
+We need OpenSSL != 1.1.1a (1.1.1a has a fatal bug)
 NTS needs TLS1.3 or newer.
 
 === The short version ===


=====================================
devel/nts.adoc
=====================================
@@ -622,20 +622,4 @@ Expansion to cover modes 6&7 should require an authentication token extension.
 
 More discussion of how to re-do Mode 6 has been moved to ntpv5.adoc.
 
-== Martin Langer's notes ==
-
-um... maybe the first hint... The current OpenSSL version doesn't
-work with NTS and TLS1.3. The TLS key exporter function fails
-because the exporter label is too long. It's an OpenSSL bug which is
-already committed and fixed. The next OpenSSL version 1.1.1b should
-work again.
-
-This is my current workaround:
-
---
-// TODO: bug in OpenSSL 1.1.1a --> "EXPORTER-network-time-security/1"
-// doesn't work.
-#define *TLS_Exporter_Labe**l* **"EXPORTER-nts/1"
---
-
 // end



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/5df118451c65c78f64c5b2d8ed80c7bfd27eaaab

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/5df118451c65c78f64c5b2d8ed80c7bfd27eaaab
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20200422/52dae3a5/attachment-0001.htm>