Closed Bug 1471970 Opened 6 years ago Closed 5 years ago

Post handshake authentication is unsupported

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.38
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: hkario, Unassigned)

References

Details

Attachments

(1 file)

Bug 1471970, add support for post-handshake authentication
47 bytes, text/x-phabricator-request
Details | Review 
Using c84a61acb17d (few commits past 3.38)

When tstclnt is configured with TLS1.3 support and a certificate (-n nickname), the Client Hello message does not include the post_handshake_auth extension.

(I know that it's a known limitation, but I was unable to find any tracking bug for implementing it)
This adds handling of the post_handshake_auth extension in CH and exposes tls13_SendCertificateRequest as an experimental API.
QA Contact: franziskuskiefer
See Also: → 1511989

Pushed as https://hg.mozilla.org/projects/nss/rev/1f04eea8834a

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.43

see also: bug 1527958

Is there a bug filed against Firefox to add support for it, if it is needed?

Flags: needinfo?(dueno)

/me should really first check Blocks/Depends before asking questions

Flags: needinfo?(dueno)
Depends on: 1561523
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: