(12-05-2018, 10:13 AM)Codehunter Wrote: Prior i had read some discussions about Indy and TLS 1.3 including your statements about OpenSSL 1.1.1. I was thinking that these major changes in OpenSSL API would lead to heavy work on Indy for you and your coworkers.
Yes, it will.
(12-05-2018, 10:13 AM)Codehunter Wrote: But i had not found a final decision from you, wheather Indy will support OpenSSL 1.1.1 in the future or not.
We are still discussing the particulars about it, and so there is no ETA at this time. It WILL happen, I just don't know WHEN.
(12-05-2018, 10:13 AM)Codehunter Wrote: The day will come and TLS 1.3 is state-of-the-art.
Yes, but not for a couple of years. It is still very new, not many sites are using it yet. TLS 1.1 and 1.2 will suffice for awhile, so there is still time.
(12-05-2018, 10:13 AM)Codehunter Wrote: Often, one of the big players (mostly Mozilla or Google) decide to drop the support of older encryption from their browsers.
Yes, but TLS 1.1 and 1.2 are not going to be dropped anytime soon (PCI didn't require migrating from TLS 1.0 to 1.1 until just earlier this year). The big players, and many websites, have only just recently started dropping TLS 1.0, and that has been around a long time (since 1999). For instance, Apple, Microsoft, Google, and Mozilla are not going to drop TLS 1.0 and 1.1 until 2020.
(12-05-2018, 10:13 AM)Codehunter Wrote: Some of the REST servers for which i use Indy offers only TLS 1.2 anymore.
Which is fine, since Indy supports TLS 1.2 today (it is just not enabled by default).