On Mon, Oct 23, 2023 at 01:37:55PM -0400, Viktor Dukhovni wrote: > > - Some Java TLS libraries (used to?) fail the handshake when the > client has no configured certs, or the list of issuer CA DN hints > does include any of its available (typically just zero or one) > certificates. > > They could just proceed without a certificate, or return a default > one, but they don't.
A colleague discovered a case where sending CertificateRequest to Chrome causes it to fail, instead of just proceeding without a certificate (which would have worked). -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
