<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    So I would ! for all TLS 1.2 strings ? Leaving only the TLS1.3
    suites ?<br>
    <br>
    Maybe a example config line would be good please. Sorry this is more
    OpenSSL and off topic a bit.<br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 2/19/2019 5:54 AM, Chris via
      Unbound-users wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:9a2de7a1-cfcb-e149-88c4-68f63d59f0ff@xymox1.com">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      Hmm.. I am unclear..<br>
      <br>
      Would I disallow all TLS1.2 to allow only TLS1.3 ?<br>
      <br>
      <div class="moz-cite-prefix">On 2/19/2019 5:15 AM, A. Schulze via
        Unbound-users wrote:<br>
      </div>
      <blockquote type="cite"
cite="mid:20190219131556.Horde.TjsPruBuvJeAv_lK4rd6HLV@andreasschulze.de"><br>
        John via Unbound-users: <br>
        <br>
        <blockquote type="cite">
          <blockquote type="cite">tls-ciphers: <string with cipher
            list> <br>
          </blockquote>
        </blockquote>
        <br>
        assumed unbound is compiled/linked with openssl, then it's the
        usual openssl cipher selection 'language' <br>
        see "man ciphers" or <a class="moz-txt-link-freetext"
          href="https://www.openssl.org/docs/manmaster/man1/ciphers.html"
          moz-do-not-send="true">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a>
        <br>
        <br>
        Andreas <br>
        <br>
        <br>
      </blockquote>
      -------- Forwarded Message --------
      <table class="moz-email-headers-table" cellspacing="0"
        cellpadding="0" border="0">
        <tbody>
          <tr>
            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
            </th>
            <td>Unbound 1.9 tls-ciphers Settings</td>
          </tr>
          <tr>
            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
            <td>Tue, 19 Feb 2019 06:37:41 +0100</td>
          </tr>
          <tr>
            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
            <td>John via Unbound-users <a class="moz-txt-link-rfc2396E"
                href="mailto:unbound-users@nlnetlabs.nl"
                moz-do-not-send="true"><unbound-users@nlnetlabs.nl></a></td>
          </tr>
          <tr>
            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">Reply-To:
            </th>
            <td>John <a class="moz-txt-link-rfc2396E"
                href="mailto:unbound@2020.temporarily.de"
                moz-do-not-send="true"><unbound@2020.temporarily.de></a></td>
          </tr>
          <tr>
            <th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
            <td><a class="moz-txt-link-abbreviated"
                href="mailto:unbound-users@nlnetlabs.nl"
                moz-do-not-send="true">unbound-users@nlnetlabs.nl</a></td>
          </tr>
        </tbody>
      </table>
      <br>
      <br>
      Hello Unbound List<br>
      <br>
      Since this relaease 1.9. is it possible, to make settings for<br>
      tls-ciphers<br>
      tls-ciphersuites<br>
      tls-session-ticket-keys<br>
      <br>
      Unfortunately nowhere is written which values can be used<br>
      In <a class="moz-txt-link-freetext"
        href="https://nlnetlabs.nl/documentation/unbound/unbound.conf/"
        moz-do-not-send="true">https://nlnetlabs.nl/documentation/unbound/unbound.conf/</a><br>
      is only written<br>
      <blockquote type="cite">
        <pre class="moz-quote-pre" wrap="">tls-ciphers: <string with cipher list>
</pre>
      </blockquote>
      <br>
      If I wants to set i.e. only TLS 1.3 how have I to write it<br>
      tls-ciphers: tls-1.3<br>
      or have I to use tls-ciphersuites?<br>
      <br>
      Maybe someone can tell me about the values which I can use?<br>
      <br>
      Regards<br>
      John<br>
    </blockquote>
    <br>
  </body>
</html>