[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Sep 26 09:45:05 CEST 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/includes/gnutls/gnutls.h.in:
> unsigned idx,
> gnutls_datum_t * response);
> +/* RAW public key functions (RFC7250) */
> +#ifdef ENABLE_RAWPK
The attack surface we can counter by making this feature opt-in (that's one of the reasons I was insisting that the user shouldn't be able to enable code paths which were not designed in the app). I think that raw public keys should be built-in (it is not that big and does not bring any dependencies), though opt-in to use.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_104326903
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel