[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNU TLS 2.9.9 , sign/hash extension support

From: Nikos Mavrogiannopoulos
Subject: Re: GNU TLS 2.9.9 , sign/hash extension support
Date: Mon, 08 Mar 2010 18:45:24 +0100
User-agent: Thunderbird (X11/20090817)

Manish Patidar wrote:
> Hi ,
> I was going through the GNU TLS 2.9.9 source code that support TLS 1.2.
> I have following doubts in gnutls that support of TLS 1.2 rfc
> 1. While selecting server cert and chain,  GNUTLS just compare server
> certificate with client requested sign/hash extension, not the whole chain.
>     if it matched one of the server certificate , it will select the chain.
>     but according to TLS 1.2 , whole chain must matched with one of the
> sign/hash algo supported by client.
>     Is my understanding is correct ..?

which part of TLS 1.2 are you referring to?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]