Re: confirmation that debian #480041 is a gnutls problem, and steps to r

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: confirmation that debian #480041 is a gnutls problem, and steps to r

From:	Daniel Kahn Gillmor
Subject:	Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Date:	Fri, 21 Nov 2008 11:58:36 -0500
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)

On Fri 2008-11-21 02:24:02 -0500, Nikos Mavrogiannopoulos wrote:

> Hello, this does not seem to be a gnutls error. The server merely asks
> for renegotiation, gnutls-cli ignores it (legal behavior) and server
> does not like it thus sends a fatal alert.

Do you think this is exposing a bug in mod_ssl, then?  If it is legal
behavior to ignore a renegotiation, it seems to me that
SSLVerifyClient optional should not cause the server to terminate the
connection if a rehandshake is rejected.  Should we clone this bug, or
open a new report against apache or openssl?

     --dkg

pgpkWKG8zxmou.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce, (continued)

Prev by Date: Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Next by Date: Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Previous by thread: Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Next by thread: Re: confirmation that debian #480041 is a gnutls problem, and steps to reproduce
Index(es):
- Date
- Thread