[gnutls-devel] GnuTLS | Add NO_STATUS_REQUEST priority string modifier (!1650)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Oct 14 11:23:00 CEST 2022
Daiki Ueno commented:
I still have a couple of concerns:
- what happens if `gnutls_init` is called with GNUTLS_NO_STATUS_REQUEST, but later it is enabled through `gnutls_ocsp_status_request_enable_client` (or also with priority string)?
- RFC6066 section 8 says: "Note in addition that a server MUST NOT send the "CertificateStatus" message unless it received a "status_request" extension in the client hello message and sent a "status_request" extension in the server hello message"; are we sure all those checks are in place?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1650#note_1135801484
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20221014/7568f4f5/attachment.html>
More information about the Gnutls-devel
mailing list