[gnutls-devel] GnuTLS | Restore usage of mod_auth_st in TLS 1.3 code (#650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Dec 17 09:04:42 CET 2018
New Issue was created.
Issue 650: https://gitlab.com/gnutls/gnutls/issues/650
Under TLS <1.3 we use the `mod_auth_st` to define authentication mechanisms and have a nice abstraction mechanism to delegate authentication handling routines to different functions. In TLS 1.3 code this mechanism has been removed. I think this is a regression in code versatility. Since we are adding new authentication mechanisms (Raw public-keys recently and Kerberos in the near future) we are going to need this `mod_auth_st` again. The RawPK code happened to work under the new system but this is actually a coincidence and the current code path for TLS 1.3 is a bit less efficient than the path for TLS <1.3.
I'm curious why `mod_auth_st` is not used in TLS 1.3 code? If there are no objections I would like to reintroduce it in order to be able to implement TLS-KDH and optimize Raw public-key code.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/650
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel