[gnutls-dev] SRP compatibility problem between different GnuTLS version

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnutls-dev] SRP compatibility problem between different GnuTLS version

From:	Yoann Vandoorselaere
Subject:	[gnutls-dev] SRP compatibility problem between different GnuTLS version
Date:	Tue, 23 Jan 2007 10:27:28 +0100

Hi,

It appear there are compatibility issues with SRP between different
GnuTLS version. As an example, peers using GnuTLS-1.4.0 are not able to
proceed authentication with peers using GnuTLS-1.4.5: the handshake
terminate with a "GnuTLS internal error".

I suspect this is due to the following change in GnuTLS-1.4.2: 
** Change SRP and Cert-Type extensions to match IANA registry.

The problem is that this randomly break things for the end-user although
there are other authentication method usable (the client/server we are
using both support SRP and Anonymous authentication, which are supposed
to be negotiated when the communication start).

In this specific case, I would expect GnuTLS to use another
authentication method, if any, rather than failing.

My question is whether such breakage are predictable, and whether a
change in the application code might permit us to revert to another
authentication method in case it happen. 

Regards,

-- 
Yoann Vandoorselaere <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] SRP compatibility problem between different GnuTLS version, Yoann Vandoorselaere <=
- Re: [gnutls-dev] SRP compatibility problem between different GnuTLS version, Simon Josefsson, 2007/01/25
  - Re: [gnutls-dev] SRP compatibility problem between different GnuTLS version, Yoann Vandoorselaere, 2007/01/25

Prev by Date: [gnutls-dev] The future of OpenCDK
Next by Date: Re: [gnutls-dev] Building GnuTLS 1.6.1 under Mac OS X (fwd)
Previous by thread: [gnutls-dev] The future of OpenCDK
Next by thread: Re: [gnutls-dev] SRP compatibility problem between different GnuTLS version
Index(es):
- Date
- Thread