Project

General

Profile

Actions

Feature #396

closed

Send certificate chain matching accepted CAs

Added by Tobias Wich over 9 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Target version:
Start date:
05/27/2015
Due date:
% Done:

0%

Estimated time:
Reviewer:
Build Version:

Description

When performing TLS client authentication, the TLS RFCs state that the chain should not contain the issuer certificate referenced in certificate request message. Furthermore only certificates which match any of the referenced CAs may be used for the authentication.

For the special case where no issuer is referenced any certificate is acceptable for the server. The Root CA certificate is excluded in that case.

Actions #1

Updated by Tobias Wich over 9 years ago

  • Target version changed from 1.1.0 to 1.3.0
Actions #2

Updated by Tobias Wich about 9 years ago

  • Tracker changed from Bug to Feature
Actions #3

Updated by Tobias Wich about 7 years ago

  • Status changed from New to Closed

New TLS stack in development version behaves correctly in that regard.

Actions

Also available in: Atom PDF