[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Sep 26 09:45:05 CEST 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/includes/gnutls/gnutls.h.in:
> unsigned idx,
> gnutls_datum_t * response);
>
> +/* RAW public key functions (RFC7250) */
> +#ifdef ENABLE_RAWPK
The attack surface we can counter by making this feature opt-in (that's one of the reasons I was insisting that the user shouldn't be able to enable code paths which were not designed in the app). I think that raw public keys should be built-in (it is not that big and does not bring any dependencies), though opt-in to use.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_104326903
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180926/247f9623/attachment-0001.html>
More information about the Gnutls-devel
mailing list