[gnutls-devel] GnuTLS | With TLS 1.3 enabled, gnutls_handshake() succeeds in client when client fails to send required certificate (#615)

[Development of GNU's TLS library]

> It seems the user friendliness of the (default) client certificate authentication was not prioritized in the TLS working group. They focused on the post-handshake authentication instead which provides a more natural way for it. Could glib-networking rely on that for tls1.3?

All our tests still pass if using `GNUTLS_AUTO_REAUTH`, but the tests don't notice any difference in behavior. I'm actually not sure how it's relevant to this issue?

Is there any reason an application would *not* want to use `GNUTLS_AUTO_REAUTH`? It seems like the sort of flag that everybody would want to use?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/615#note_117993830
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181117/5b08755c/attachment.html>