ssl3_HandleNoCertificate() should send correct alert when a client cert is required

NEW
Unassigned

Status

P3
normal
2 years ago
a year ago

People

(Reporter: ttaubert, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

2 years ago
We currently send a "bad_certificate" alert.

TLS 1.2 and prior: https://tools.ietf.org/html/rfc5246#section-7.4.6

We should send a handshake_failure.

TLS 1.3: https://tlswg.github.io/tls13-spec/#error-alerts

We should send certificate_required.
(Reporter)

Updated

a year ago
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.