[gnutls-devel] GnuTLS | Draft: Release 3.8.13 (!2102)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Apr 28 07:51:52 CEST 2026
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/2102 was reviewed by Daiki Ueno
--
Daiki Ueno started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/2102#note_3292763479
>
> +** libgnutls: Fix TLS 1.3 client certificate selection
> + For servers that send a signature_algorithms_cert extension
This is not correct; `signature_algorithms_cert` is not involved, but `signature_algorithms` with `rsa_pss_rsae_*` but without legacy `rsa_pkcs1_*` prevents the client to select an RSA cert while it should be usable.
--
Daiki Ueno started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/2102#note_3292763505
> gnutls_hpke_derive_keypair: New function
> gnutls_hpke_export: New function
> gnutls_pkcs11_obj_get_pk_algorithm: New function
Maybe good to mention this change as well, something like:
```
** libgnutls: New function that allows fetching object type metadata for PKCS#11 keys
A new library function, gnutls_pkcs11_obj_get_pk_algorithm, has been added to check the public key algorithms of PKCS#11 key objects, contributed by Ghadi Elie Rahme (!2102). Object types other than CKO_PRIVATE_KEY are currently not supported.
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2102
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/4-1xzr5lxk4qtu8lnzv3klgzxve-a84t7/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260428/6c694ea6/attachment-0001.html>
More information about the Gnutls-devel
mailing list