safe renegotiation in client side

Simon Josefsson simon at
Mon Mar 15 23:38:05 CET 2010

Nikos Mavrogiannopoulos <nmav at> writes:

> I have been in favor of enabling safe renegotiation for the client
> before, but seeing how gnutls is being used today, I might have not been
> correct and enabling it might cause more trouble than the issue it solves.

I just had a thought, it may be wrong due to late at night...

Using safe renegotiation is only important if the client provides
credentials, right?

It sounds as if in your testing, GnuTLS clients were unable to talk to
any server, even if the clients didn't provide a client certificate.  Is
that right?

If that is the case, can't we make GnuTLS accept talking to "old"
servers by default, but if client certificate authentication is
requested by the application, it will tear down the connection if the
server doesn't support safe-renegotiation?

My impression is that client certificate authentication is still not
that widely used by applications.

This way, we'll be 100% secure but still work in the majority of cases.
People using client certificate authentication will not be able to talk
with old servers, but that is what they should get.


More information about the Gnutls-help mailing list