[gnutls-devel] GnuTLS | RFC 9266: Channel Bindings for TLS 1.3 support (#1391)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Aug 2 03:58:44 CEST 2022




Neustradamus commented:


@dueno: Yes @rufferson has already done a good job a long time ago!

We are okay that since the @rufferson code with the old draft, all are good?

Oh sorry, I have not seen the last PR from @jas!
- https://gitlab.com/gnutls/gnutls/-/merge_requests/1621

@jas: It is possible to add a little important detail and to have:
- `* @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding for TLS`
- `* @GNUTLS_CB_TLS_SERVER_END_POINT: "tls-server-end-point" (RFC 5929) channel binding for TLS`
- `* @GNUTLS_CB_TLS_EXPORTER: "tls-exporter" (RFC 9266) channel binding for TLS 1.3`

RFCs:
- https://tools.ietf.org/html/rfc5056 "On the Use of Channel Bindings to Secure Channels"
- https://tools.ietf.org/html/rfc5929 "Channel Bindings for TLS"
- https://tools.ietf.org/html/rfc9266 "Channel Bindings for TLS 1.3"

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1391#note_1047171732
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220802/e16eb23a/attachment.html>


More information about the Gnutls-devel mailing list