Hi Jim, On 11/05/2017 9:20 PM, Jim Schaad wrote: > Has anybody implemented this for the current version? Is anybody planning > to do it? Are there any examples of how to do it if it is possible?
We haven't implemented RFC 7250 yet, although I added the CertificateType enumeration to Java version a while back, and it's on my list of nice-to-have TLS extensions (leading to Cache Info support) that nobody has asked for (until now). Extension negotiation itself can be done without needing any changes to the library itself, but this is one of those cases where the library needs to be "extension-aware" since it affects the parsing of the Certificate messages. Possibly we need to reorganise things a bit so that the core library is completely agnostic about certificate formats and delegates all certificate processing to the peer objects (TlsClient/TlsServer), with useful defaults of course. Regards, Pete Dettman
