[gnutls-devel] RFC 7250 and API change
Rick van Rein
rick at openfortress.nl
Mon May 2 08:14:09 CEST 2016
Tom and I are working on
which implements Kerberos tickets as you suggested, per RFC 7250.
What we run into is probably a break with the GnuTLS API, and we'd like
your opinion on this.
The call to gnutls_certificate_type_get() seems to make an implicit
that the same certificate type is used in both directions, but with RFC 7250
(which we are now adding) there is a possibility that these are different.
Applications of GnuTLS might not be aware of this having been added to
and may end up being confused.
We see various ways to deal with this, but none of them is pretty.
tell us what your preferred approach would be?
Rick & Tom
ARPA2 TLS-KDH crew
More information about the Gnutls-devel