[gnutls-devel] GnuTLS | OpenSSL IPv6 PSK Incompatibility (#683)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Jan 24 17:54:02 CET 2019
> What about using GNUTLS_E_UNRECOGNIZED_NAME instead of GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER (in server_name.c / _gnutls_server_name_recv_params()) ?
IMO illegal_parameter is more appropriate here according to the RFC:
```
illegal_parameter: A field in the handshake was incorrect or
inconsistent with other fields. _This alert is used for errors
which conform to the formal protocol syntax but are otherwise
incorrect._
```
and
```
unrecognized_name: Sent by servers when no server exists identified
by the name provided by the client via the "server_name" extension
(see [RFC6066]).
```
That would allow clients to distinguish whether the error is in protocol level or configuration level.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/683#note_134637845
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190124/eed75252/attachment.html>
More information about the Gnutls-devel
mailing list