Re: TLS Renegotiation problem

From: Steve Dispensa
Subject: Re: TLS Renegotiation problem
Date: Tue, 10 Nov 2009 08:08:00 -0600
User-agent: Microsoft-Entourage/

On 11/10/09 7:22 AM, "Tomas Hoger" <address@hidden> wrote:
>> I think we now have some evidence to suggest GnuTLS needn't do anything
>> about this.  It seems any use of rehandshake with GnuTLS is
>> application-specific and then the answer is probably to fix that
>> application instead of GnuTLS.
> Is that meant as "no change needed" or "no urgent temporary hotfix
> needed"?  Is the implementation of the proposed extension still the
> long-term plan, so that apps needing rehandshakes can do them safely?

[sorry if I'm late to the game; we had a baby a few days ago and I'm sadly
behind on e-mail and most other things.]

I agree with Tomas. When I wrote up the patch, I noticed that there were a
few impediments to doing renegotiation at all in the way things are
currently implemented (unless I misunderstood, which is always quite
possible). Still, at some point, someone is going to really need the feature
(or decide that the implementation is incomplete without perfect support for
it), and once that happens, the bug will magically appear unless the TLS
extension is supported.

There's also a good reason to support the extension from an interop
standpoint - servers will want to detect patched clients in the (near?)
future, so sending the extension along will be helpful.

