TLS 1.3: support for status_request extension in CertificateRequest messages
Jamil Nimeh
jamil.j.nimeh at oracle.com
Mon Dec 16 20:02:16 UTC 2019
So maybe I'll make a short-term fix to at least make the client not barf
on the status_request in the CR message from the server. That much
should be done for correctness. Making the client actually support OCSP
stapling in its Cert message is a much bigger change and can come later.
I'll create a bug entry for the status_request handling part. The actual
OCSP stapling support would have to be a separate issue and an RFE
rather than a bug.
--Jamil
On 12/16/2019 11:23 AM, Martin Balao wrote:
> Hi Jamil,
>
> Thanks for your answer.
>
> On 12/16/19 2:29 PM, Jamil Nimeh wrote
>> If you want to take a swing at it, go for it. I'd be happy to be a
>> reviewer for it.
> I'm still unsure of how are we going to prioritize this but I'd let you
> know if we go for it.
>
> Regards,
> Martin.-
>
More information about the security-dev
mailing list