safe renegotiation in client side

Simon Josefsson simon at
Tue Mar 16 13:02:48 CET 2010

Daniel Kahn Gillmor <dkg at> writes:

> But any popular TLS client implementation also plays a role in spurring
> adoption of safe-reneg among servers by its choice of enforcement (and
> warning messages, etc).  I'd like to see GnuTLS contribute to the "peer
> pressure" here in some positive way.  i'm not saying that
> default-fail-closed is necessarily the best way to do that, but an
> entirely lenient policy is pretty weak on the peer pressure side and
> doesn't contribute to the overall security of network communications in
> general.

I agree.  So, we could release an experimental version where clients
required safe renegotiation, get it into various distributions, and try
applications that use GnuTLS to see if they work or not?

The important part is likely how well applications support priority
strings for easy user fall backs.  How well error reporting works is
also important.  Maybe our energy is better spent helping application
writers here...

I'll do some experiments with 2.9.10 on my machine... maybe best to get
a release out first though.


More information about the Gnutls-devel mailing list