[gnutls-devel] GnuTLS | support: DTLS connection ID (#801)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Feb 29 12:57:49 CET 2020




Nikos Mavrogiannopoulos commented:


Given that the RFC brings many changes, including TLS1.3 packets into TLS1.2, I think it makes sense to introduce that in a minimalistic way to avoid changes that make little sense (such as TLS1.3 packet format for AES-CBC ciphersuites). A proposal is with a new `gnutls_init` flag that will enable this extension but it will prevent advertising or negotiating any non-AEAD ciphersuites. That way the new format can be implemented only for the AEAD ciphersuites under TLS1.2, which is sufficient for the main use case linked, as well as any DTLS1.2 implementation.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/801#note_296452341
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200229/ec63b939/attachment.html>


More information about the Gnutls-devel mailing list