Re: Another renegotiation patch

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another renegotiation patch

From:	Nikos Mavrogiannopoulos
Subject:	Re: Another renegotiation patch
Date:	Thu, 21 Jan 2010 21:42:00 +0100
User-agent:	Thunderbird 2.0.0.23 (X11/20090817)

Steve Dispensa wrote:
> Here is another patch that fixes an interoperability problem with safe
> renegotiation and resumption. In copying forward the safe renegotiation
> state across resumptions, I got a little carried away and copied too much
> data (new connections should start with empty RI data).

I was thinking about the safe renegotiation case. Currently with the
defaults the client behavior is to drop the connection to servers that
do not advertise safe renegotiation... This is quite an inconvenience.
How do you think of instead of failing disabling renegotiation for this
session? I think this will prevent a lot of people from completely
disabling safe renegotiation and only disables the part of the protocol
that isn't secure..

regards,
Nikos

[Prev in Thread]

Current Thread

[Next in Thread]

Another renegotiation patch, Steve Dispensa, 2010/01/19
- Re: Another renegotiation patch, Nikos Mavrogiannopoulos, 2010/01/19
- Re: Another renegotiation patch, Nikos Mavrogiannopoulos <=
  - Re: Another renegotiation patch, Daniel Kahn Gillmor, 2010/01/22
    - Re: Another renegotiation patch, Steve Dispensa, 2010/01/22
    - Re: Another renegotiation patch, Daniel Kahn Gillmor, 2010/01/22
    - Re: Another renegotiation patch, Nikos Mavrogiannopoulos, 2010/01/22
  - Re: Another renegotiation patch, Steve Dispensa, 2010/01/22

Prev by Date: Re: gnutls 2.8.6 release candidate
Next by Date: Continuous builds on Hydra
Previous by thread: Re: Another renegotiation patch
Next by thread: Re: Another renegotiation patch
Index(es):
- Date
- Thread