[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] SRP compatibility problem between different GnuTLS version
From: |
Yoann Vandoorselaere |
Subject: |
[gnutls-dev] SRP compatibility problem between different GnuTLS version |
Date: |
Tue, 23 Jan 2007 10:27:28 +0100 |
Hi,
It appear there are compatibility issues with SRP between different
GnuTLS version. As an example, peers using GnuTLS-1.4.0 are not able to
proceed authentication with peers using GnuTLS-1.4.5: the handshake
terminate with a "GnuTLS internal error".
I suspect this is due to the following change in GnuTLS-1.4.2:
** Change SRP and Cert-Type extensions to match IANA registry.
The problem is that this randomly break things for the end-user although
there are other authentication method usable (the client/server we are
using both support SRP and Anonymous authentication, which are supposed
to be negotiated when the communication start).
In this specific case, I would expect GnuTLS to use another
authentication method, if any, rather than failing.
My question is whether such breakage are predictable, and whether a
change in the application code might permit us to revert to another
authentication method in case it happen.
Regards,
--
Yoann Vandoorselaere <address@hidden>
- [gnutls-dev] SRP compatibility problem between different GnuTLS version,
Yoann Vandoorselaere <=