Open Bug 1339387 Opened 7 years ago Updated 2 years ago

ssl3_HandleNoCertificate() should send correct alert when a client cert is required

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: ttaubert, Unassigned)

References

Details

Attachments

(1 obsolete file)

Bug 1339387 - Correct ssl3_HandleNoCertificate alert for RFC compliance/Bogo compatability. r=djackson 2 years ago Leander Schwarz 48 bytes, text/x-phabricator-request		Details \| Review

Tim Taubert [:ttaubert] (inactive)

Reporter

Description

•

7 years ago

We currently send a "bad_certificate" alert.

TLS 1.2 and prior: https://tools.ietf.org/html/rfc5246#section-7.4.6

We should send a handshake_failure.

TLS 1.3: https://tlswg.github.io/tls13-spec/#error-alerts

We should send certificate_required.

Tim Taubert [:ttaubert] (inactive)

Reporter

Updated

•

7 years ago

Priority: -- → P3

Leander Schwarz

Updated

•

2 years ago

Assignee: nobody → lschwarz

Status: NEW → ASSIGNED

Leander Schwarz

Comment 1

•

2 years ago

Attached file Bug 1339387 - Correct ssl3_HandleNoCertificate alert for RFC compliance/Bogo compatability. r=djackson (obsolete) — Details

Phabricator Automation

Updated

•

2 years ago

Attachment #9274828 - Attachment is obsolete: true

Leander Schwarz

Updated

•

2 years ago

Assignee: lschwarz → nobody

Status: ASSIGNED → NEW

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

ssl3_HandleNoCertificate() should send correct alert when a client cert is required

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

People

(Reporter: ttaubert, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 obsolete file)

Description

Updated

Updated

Comment 1

Updated

Updated

Updated

Attachment

General

Description

File Name

Content Type