[gnutls-devel] GnuTLS | gnutls_certificate_type_get*: ensure that the default type is returned (!806)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Nov 17 19:31:09 CET 2018

Tom commented on a discussion on lib/constate.c:

>  		dst->prf = src->prf; \
>  		dst->grp = src->grp; \
>  		dst->pversion = src->pversion; \
> +		dst->client_ctype = src->client_ctype; \

I took another look at the spec and found this quote:
>  In TLS 1.3, unlike TLS 1.2, extensions are negotiated for each
   handshake even when in resumption-PSK mode.  However, 0-RTT
   parameters are those negotiated in the previous handshake; mismatches
   may require rejecting 0-RTT (see Section 4.2.10).

Following that your solution adheres to the spec and makes sure that the certificate type negotiation extensions are also renegotiated under TLS 1.3. Indeed we may end up in a situation where there is a certificate type mismatch between the newly negotiated type and the previously exchanged certificate. The question is, is this a problem? Should we deviate from the spec and pack the cert type params or should we accept mismatches? In the former case, should we propose a modification of the spec perhaps for this edge case? What do you think?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/806#note_118008625
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181117/75257901/attachment.html>

More information about the Gnutls-devel mailing list