require additional system-dependent options! See "Note on
multi-threading" below.
+ enable-tls13downgrade
+ TODO(TLS1.3): Make this enabled by default and remove the
+ option when TLSv1.3 is out of draft
+ TLSv1.3 offers a downgrade protection mechanism. This is
+ implemented but disabled by default. It should not typically
+ be enabled except for testing purposes. Otherwise this could
+ cause problems if a pre-RFC version of OpenSSL talks to an
+ RFC implementation (it will erroneously be detected as a
+ downgrade).
+
no-ts
Don't build Time Stamping Authority support.