Closed
Bug 698231
Opened 13 years ago
Closed 8 years ago
Renegotiation fails for SPDY connections when the server sends a certificate in the renegotiation handshake than the one it sent in the initial handshake
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
WONTFIX
mozilla11
People
(Reporter: briansmith, Unassigned)
References
Details
(Keywords: regression, Whiteboard: [mozilla-SPDY])
+++ This bug was initially created as a clone of Bug #698230 +++ +++ This bug was initially created as a clone of Bug #698229 +++ This would be a regression for any site that uses client certificates and which enables NPN+SPDY. I doubt many (if any) real servers do this.
Reporter | ||
Comment 1•9 years ago
|
||
It seems like at one point the HTTP/2 spec disallowed renegotiation and client certificates on the same connection based on my raising this as a concern in Zurich. I vaguely recollect that that decision was overturned near the end of the HTTP/2 process. I don't know what was done to make this a non-issue though.
Comment 2•9 years ago
|
||
HTTP/2 disallows renegotiation, with an exception that allows client certificate confidentiality, but that has to happen before the preface. As for this bug, I think that I would be quite happy to have this marked WONTFIX. SPDY doesn't really deserve much more effort, and I can live with a failure if a server changes its certificate between handshake and HTTP/2 preface.
WONTFIX as per comment 2.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•