[gnutls-devel] GnuTLS | Renegotiation with both renegotiation_info and SCSV at once is allowed (#828)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Sep 6 11:16:46 CEST 2019
t184256 commented:
I agree. Thanks for the explanation, TIL.
While the server is required to send fatal alerts when it detects non-compliant client behaviour, apparently, a failure to detect it altogether *is* compliant. I cannot put any formal expectations on the server in this regard, and the current gnutls reaction to such a violation is sensible.
I'm closing this, because, in this light, it's a low importance RFE at best.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/828#note_213428134
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190906/31f4113e/attachment-0001.html>
More information about the Gnutls-devel
mailing list