cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Support for TLS-PSK mode (RFC 4279)

From: Alessandro Ghedini <alessandro_at_ghedini.me>
Date: Fri, 21 Aug 2015 12:41:36 +0200

On Fri, Aug 21, 2015 at 12:46:59PM +0300, Isaac Boukris wrote:
> Hello,
>
> I am trying to add support for TLS-PSK (OpenSSL) which is - in some
> scenarios - more fit and secure than self-signed certificates as it
> provides mutual authentication.
>
> Here is a link to my current work (tested with stunnel):
> https://github.com/frenche/curl/commit/84a400ffd745dd7941b5bd0a2075ecd098ef608e
>
> Note that I had to make an exception not to fail on empty certificate
> for PSK as there may be no server certificate in such case.
>
> Please advise what's missing to get this accepted.

I added a few comments on your GitHub commit for stuff that IMO should be
improved (Daniel has the final word though).

Cheers

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

application/pgp-signature attachment: Digital signature

Received on 2015-08-21

This message: [ Message body ]
Next message: Daniel Stenberg: "RE: why does curl silently discard expired cookies and can this be disabled?"
Previous message: Isaac Boukris: "Support for TLS-PSK mode (RFC 4279)"
In reply to: Isaac Boukris: "Support for TLS-PSK mode (RFC 4279)"
Next in thread: Daniel Stenberg: "Re: Support for TLS-PSK mode (RFC 4279)"
Reply: Daniel Stenberg: "Re: Support for TLS-PSK mode (RFC 4279)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]