gnutls_safe_renegotiation_set?

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon May 3 16:21:29 CEST 2010


On Mon, May 3, 2010 at 3:58 PM, Simon Josefsson <simon at josefsson.org> wrote:
> The new gnutls_safe_renegotiation_set API doesn't seem to influence
> rehandshakes -- i.e., I cannot first handshake successfully with the
> extension, call the API with flag=0, and then do a rehandshake that does
> not use the extension.  Is this intentional?

Never thought of such usage of it. I see no reason to allow such
behavior since it will only complicate code without offering new
functionality or advantage.

> More generally, why do we need this API at all?  Isn't the natural thing
> to use the priority strings to disable the extension?  Same question
> about gnutls_safe_negotiation_set_initial.

They are not really needed. We could remove them. They were left there
to allow similar behavior with other functions that can also be set
with priority strings.


regards,
Nikos




