bump retries; ssl min version

[x5a]

No description provided.

[p-i-]

I'm super-curious -- what problem is this PR solving? (I've been using this tech since the day it came out and haven't observed any ClaudeAPI connection issues).

[libertyteeth]

Man-in-the-middle attack, I think?

Yeah, I asked ChatGPT; here's a long-ish answer: https://chatgpt.com/share/6738ac86-100c-8001-b083-83b1f2d542cd

Includes attacks BEAST and POODLE (amusing, one seems much worse than the other, like a Noisy Cricket :) ), and mentions TLSv1.3 has performance improvements and security enhancements.

TLDR of it seems to be making sure the server is who they say they are (i.e., MITM attacks); and, keeping data from prying eyes (encryption).

Looking it up in Wikipedia, https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations , I see TLS 1.2 came out in 2008; 1.3 was a decade later, in 2018, which is now 6 years ago. There is a DTLS 1.3, from 2022, which builds on TLS 1.3 (D for Datagram).

There is no roadmap for a version beyond 1.3, like 1.4 or 2.0.

I haven't built it but it looks helpful. Perhaps Anthropic is under this type of attack?

[x5a]

@p-i- @libertyteeth this PR was to help debug a user experiencing a similar issue to #85 - our CDN does not support connections with < TLS 1.2 so users are generally protected against MITM attacks on older TLS/SSL versions.