[PATCH] session ticket support

Simon Josefsson simon at josefsson.org
Fri Aug 7 01:59:26 CEST 2009


Daiki Ueno <ueno at unixuser.org> writes:

>>>>>> In <87prbahee5.fsf at mocca.josefsson.org> 
>>>>>>	Simon Josefsson <simon at josefsson.org> wrote:
>> >> Also, what do you think about a 'gnutls_session_ticket_key_format_t'
>> >> parameter?  I think some people may want to export the key in
>> >> text-format rather than raw binary.
>> >
>> > As another option, how about making gnutls_session_ticket_key_t a public
>> > struct so that people can write custom export function?
>
>> Thinking about that, doesn't a gnutls_datum_t suffice?
>
> Sorry, perhaps I misunderstood what you meant with "text-format".  I had
> thought that the key is represented as a set of attributes such as
> cipher/mac keys and used algorithms in human readable form.
>
> It is simply an option to select output format in binary or base64,
> isn't it?

I changed my mind: rather than supporting different formats and crypto
agility, the entire API would become:

  int gnutls_session_ticket_key_generate (gnutls_datum_t *key);

The algorithm used are chosen by the library.  The app has to write its
own import/export stuff.  What do you think?

/Simon





More information about the Gnutls-devel mailing list