[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: client certificate authentication
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: client certificate authentication |
Date: |
Sun, 01 Feb 2009 11:07:31 +0100 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.60 (gnu/linux) |
Nikos Mavrogiannopoulos <address@hidden> writes:
> The attached patch tries stay on the safe side and don't try to upgrade
> the TLS version on a rehandshake. I'm not sure whether this is the right
> thing to do, although performing a rehandshake to upgrade the TLS
> version seems quite unlikely.
I suspect it will become more likely given TLS 1.1 and TLS 1.2: you may
want to try TLS 1.0 on initial handshake, and then want to attempt more
recent TLS versions to get more advanced features from the other end --
however I think we use the patch for now and revisit this if someone
runs into this limit in the future.
This seems like a protocol issue, so we could ask on the IETF list
too...
/Simon
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Help-gnutls] Re: client certificate authentication,
Simon Josefsson <=