Open
Bug 1339387
Opened 7 years ago
Updated 2 years ago
ssl3_HandleNoCertificate() should send correct alert when a client cert is required
Categories
(NSS :: Libraries, defect, P3)
NSS
Libraries
Tracking
(Not tracked)
NEW
People
(Reporter: ttaubert, Unassigned)
References
Details
Attachments
(1 obsolete file)
We currently send a "bad_certificate" alert. TLS 1.2 and prior: https://tools.ietf.org/html/rfc5246#section-7.4.6 We should send a handshake_failure. TLS 1.3: https://tlswg.github.io/tls13-spec/#error-alerts We should send certificate_required.
Reporter | ||
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Assignee: nobody → lschwarz
Status: NEW → ASSIGNED
Comment 1•2 years ago
|
||
Updated•2 years ago
|
Attachment #9274828 -
Attachment is obsolete: true
Updated•2 years ago
|
Assignee: lschwarz → nobody
Status: ASSIGNED → NEW
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•