cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Support for TLS-PSK mode (RFC 4279)

From: Alessandro Ghedini <alessandro_at_ghedini.me>
Date: Fri, 21 Aug 2015 12:41:36 +0200

On Fri, Aug 21, 2015 at 12:46:59PM +0300, Isaac Boukris wrote:
> Hello,
>
> I am trying to add support for TLS-PSK (OpenSSL) which is - in some
> scenarios - more fit and secure than self-signed certificates as it
> provides mutual authentication.
>
> Here is a link to my current work (tested with stunnel):
> https://github.com/frenche/curl/commit/84a400ffd745dd7941b5bd0a2075ecd098ef608e
>
> Note that I had to make an exception not to fail on empty certificate
> for PSK as there may be no server certificate in such case.
>
> Please advise what's missing to get this accepted.

I added a few comments on your GitHub commit for stuff that IMO should be
improved (Daniel has the final word though).

Cheers

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2015-08-21