Hi, Is zero signature allowed in client CertificateVerify message (I am guessing may be to indicate error condition??). I don't see any thing related to zero signature in the TLS 1.2 RFC (or may be I am not looking into the right section?)
Today I saw a packet like this and server was terminating the connection due to the failure of client cert auth. (because of zero signature in client cert verify message). [image: image.png] Under what circumstances a client can send a zero signature in the client CertificateVerify message? Is this behaviour TLS 1.2 RFC compliant? with regards, Saravanan
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
