2016-10-21 18:33 GMT+09:00 Ilari Liusvaara <ilariliusva...@welho.com>:
> On Thu, Oct 20, 2016 at 09:32:36AM -0700, Eric Rescorla wrote:
>> Folks,
>>
>> I have just uploaded draft-ietf-tls-tls13-17.
>
> Updated my own implementation from -16 to -17 (TODO: Add to
> implementations page, it isn't any of the ones listed).
>
> And since that implementation supports RFC7250 (for the server
> certificate), here is my interpretation of it:
>
> The certificate type is sent in extensions of EE certificate,
> via the usual server_certificate_type extension (using the server-side
> syntax from RFC7250).
>
>
> Okay, the extension is after the certificate it attaches to (which is
> just weird), but turns out this wasn't that bad to implement, due to
> how the code happened to be laid out (it first sliced the certificate
> message to extract the certificates and only afterwards processed
> those).
>
>
>
> ... Interop tests with picotls failed:
>
> - Picotls sends extension 13 (signature_algorithms) in ServerHello,
>   which my implementation does not like[1].
> - Picotls still seems to have the resumption_context mixed into
>   hashes. I thought that got nuked when switching to "finished
>   stuffing"? This causes wrong encryption keys to be derived,
>   causing the handshake to blow up.
>

Thank you very much for testing, and for reporting the issues you found.

Apparently I missed the changes when I made the adjustments for draft-17. I've pushed the fixes on to my git repository (https://github.com/h2o/picotls) fixing the two issues. Hopefully with them, picotls would be able to communicate with your implementation (I think it might be better to go through my code with draft-17 in hand to see if any other discordances exist, but that'll be in the next week).

I am also looking forward to seeing your implementation on the Wiki.

>
>
> [1] Wasn't this ripped out in -17? The -17 draft seems to list that
>     extension as "clear", shouldn't it be "client" as AFAIK the
>     server won't send it?
>
>
> -Ilari
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

--
Kazuho Oku