[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Still replacing OpenSSL function with GnuTLS
|
From: |
Simon Josefsson |
|
Subject: |
[Help-gnutls] Re: Still replacing OpenSSL function with GnuTLS |
|
Date: |
Thu, 18 Jun 2009 08:32:28 +0200 |
|
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux) |
Jouni Malinen <address@hidden> writes:
> On Wed, Jun 17, 2009 at 3:18 PM, Simon Josefsson<address@hidden> wrote:
>> Using GnuTLS in more EAP environments would be good, it has seen too
>> little testing there.
>
> Talking of which.. Are there any plans on adding support for TLS
> Session Ticket (RFC 5077) into GnuTLS?
It would be fun to do it, although my time is limited right now. I'll
look into it.
The hard part appears to be the section 4 recommended ticket
construction. Is this something you need? I could easily see some
environments using completely different tickets.
> It (or well, a bit modified version of it) would be needed to be able
> to implement EAP-FAST.
Do you have some pointers one what modifications are required?
> I finally got the needed patch to do this into OpenSSL, but if I've
> understood correctly, this functionality is missing from GnuTLS and
> consequently, no EAP-FAST support with it is currently possible.
Right, GnuTLS does not support it right now.
> By the way, http://www.gnu.org/software/gnutls/comparison.html could
> be updated to say that OpenSSL does support session tickets if seeing
> GnuTLS as the only row with red here would motivate someone to work on
> this ;-).
Indeed. I fixed the webpage.
/Simon