Simon Josefsson simon at
Fri May 28 09:26:21 CEST 2010

Simon Josefsson <simon at> writes:

> Items left is to write and check the safe renegotiation self tests
> and to update the documentation section for it.  I think there are bugs
> in both those parts right now, that's why I haven't made any releases.

Nikos, I have updated the manual now to describe what I believe the
behaviour should be -- could you check that it matches your

Note that I'm not sure how %INITIAL_SAFE_RENEGOTIATION fits into this

I also suspect we want a priority string (e.g. %PARTIAL_RENEGOTIATION)
to describe today's default behaviour of permitting initial handshakes
but not rehandshakes -- so that clients/servers can use it and be
forward-compatible even when/if we change the default to make
clients/servers refuse initial handshakes without the extension.

Once we agree on how the manual should look like, I'll write self tests
for the various variants (there seems to be many different variants to
consider!), so we make sure that the code actually does what we think it


More information about the Gnutls-devel mailing list