proposal: crypto/tls: remove minimum version requirement for tls.Config used for QUIC

[marten-seemann]

Proposal Details

The crypto/tls package requires tls.Config.MinVersion >= VersionTLS13 for QUIC connections to enforce RFC 9001's TLS 1.3 requirement.

This forces QUIC implementations and users to clone the tls.Config when sharing it between TCP (which may allow TLS 1.2+) and QUIC. Cloning adds overhead and is problematic after changes to Config.Clone (see #77113) and other QUIC workarounds (see #77363).

A common use case is a dual-stack HTTP server supporting HTTP/2 (TLS 1.2+) and HTTP/3 (TLS 1.3 only) with a single shared tls.Config where MinVersion = VersionTLS12.

Proposal
Remove the explicit MinVersion check for QUIC. When a tls.Config is used in QUIC context, internally clamp the effective minimum to VersionTLS13 while preserving the original value for non-QUIC use.

This would:

• Remove a major reason to clone tls.Config for QUIC.
• Simplify dual-stack server configurations.
• Leave QUIC-only Configs unaffected.

[gabyhelp]

Related Issues

• crypto/tls: don't require Config to set MinVersion = TLS13 when using QUIC #63722
• proposal: crypto/tls: allow QUIC to configure net.Conn used on ClientHelloInfo #77363
• crypto/tls: set TLSPlaintext.version to MinVersion #31104 (closed)
• crypto/tls: missing check for versions offered in ClientHello when using QUIC #63723 (closed)
• crypto/tls: support QUIC as a transport #44886 (closed)
• crypto/tls: make default minimum version for servers TLS 1.2 #62459 (closed)
• proposal: crypto/tls: synchronous processing of TLS handshake messages when using QUIC #74922

Related Code Changes

• crypto/tls: check client's supported versions when using QUIC
• crypto/tls: don't require Config.Minversion to be set when using QUIC

_{(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)}

[gopherbot]

Change https://go.dev/cl/745980 mentions this issue: crypto/tls: remove minimum version requirement for Config used for QUIC