On Sun, Sep 25, 2016 at 2:06 PM, Henrick Hellström <henr...@streamsec.se> wrote: > Have you noticed that BoringSSL seems to abort handshakes with an > illegal_parameter alert, if the server certificate uses the standard > compliant (albeit highly unusual) DER encoding of NULL OPTIONAL as the empty > string, instead of the non-standard but ubiquitous 0x05 0x00 encoding?
In what location do you have an omitted NULL? (I suspect that BoringSSL's behaviour is deliberate, but I can't say for sure without knowing which case it is.) Cheers AGL _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
