fix document about tls13

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2025-01-01 09:10:03 +00:00 · 2022-01-27 12:55:32 +08:00 · 2022-01-27 12:55:32 +08:00 · adb1869f8d
commit adb1869f8d
parent 72a0565e13
1 changed files with 7 additions and 11 deletions
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md
@ -122,20 +122,16 @@ MVP definition

 - Supported versions:

-  - only TLS 1.3, version negotiation is not supported.
+  - TLS 1.2 and TLS 1.3 but version negotiation is not supported.

-  - TLS 1.3 and 1.2 can be disable/enable with build option. One of them MUST be
-    enabled. Supported build options:
+  - TLS 1.3 can be enabled in the build (MBEDTLS_SSL_PROTO_TLS1_3 configuration
+    option) without TLS 1.2 (MBEDTLS_SSL_PROTO_TLS1_2 configuration option).

-    | MBEDTLS_SSL_PROTO_TLS1_2 | MBEDTLS_SSL_PROTO_TLS1_3 |
-    | ------------------------ | ------------------------ |
-    | yes                      | no                       |
-    | no                       | yes                      |
-    | yes                      | yes                      |
+  - TLS 1.2 can be enabled in the build independently of TLS 1.3.

-  - If both TLS 1.3 and TLS 1.2 are enabled, only one of them can be configured
-    enabled via `mbedtls_ssl_conf_{min,max}_version`. Otherwise, `mbedtls_ssl_setup`
-    will raise `MBEDTLS_ERR_SSL_BAD_CONFIG` error.
+  - If both TLS 1.3 and TLS 1.2 are enabled at build time, only one of them can
+    be configured at runtime via `mbedtls_ssl_conf_{min,max}_version`. Otherwise,
+    `mbedtls_ssl_setup` will raise `MBEDTLS_ERR_SSL_BAD_CONFIG` error.

 - Compatibility with existing SSL/TLS build options: