[gnutls-devel] GnuTLS | Restore usage of mod_auth_st in TLS 1.3 code (#650)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Dec 17 09:04:42 CET 2018

New Issue was created.

Issue 650: https://gitlab.com/gnutls/gnutls/issues/650
Author:    Tom

Under TLS <1.3 we use the `mod_auth_st` to define authentication mechanisms and have a nice abstraction mechanism to delegate authentication handling routines to different functions. In TLS 1.3 code this mechanism has been removed. I think this is a regression in code versatility. Since we are adding new authentication mechanisms (Raw public-keys recently and Kerberos in the near future) we are going to need this `mod_auth_st` again. The RawPK code happened to work under the new system but this is actually a coincidence and the current code path for TLS 1.3 is a bit less efficient than the path for TLS <1.3.

I'm curious why `mod_auth_st` is not used in TLS 1.3 code? If there are no objections I would like to reintroduce it in order to be able to implement TLS-KDH and optimize Raw public-key code.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/650
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181217/d8a8052c/attachment.html>

More information about the Gnutls-devel mailing list