On Wednesday 11 November 2015 18:39:51 Mike Bishop wrote: > Per the TLS 1.2 spec, that's permitted, but if > it's not been done before, I'm afraid we may be hitting less-tested > code paths.
It's also something that Java does and what NSS supports. But indeed it is problematic: https://rt.openssl.org/Ticket/Display.html?id=3712&user=guest&pass=guest -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
