when using curl & gnutls to negotiate https client side requests there is no support for negotiating an anonymous TLS connection [ ref: gtls.c ]. I'm assuming that in order to relive the user from having to supply a certificate such connections would be used initially as the default for by the https transport service. I added support for this but unless such a patch would be adopted by the curl developers we will have to provide client certificates.
Another thing to keep in mind is that using anonymous TLS connections will make labeling GNUnet HTTPS traffic easier since handshake parameters are transmitted in the clear, which might suggest bundling a dummy client certificate with GNUnet to simulate authenticated connections without forcing the user to supply one. Regards, Amir
_______________________________________________ GNUnet-developers mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnunet-developers
