Nikos Mavrogiannopoulos <[email protected]> writes:

> The attached patch tries to stay on the safe side and doesn't try to upgrade
> the TLS version on a rehandshake. I'm not sure whether this is the right
> thing to do, although performing a rehandshake to upgrade the TLS
> version seems quite unlikely.

I suspect it will become more likely given TLS 1.1 and TLS 1.2: you may want to try TLS 1.0 on initial handshake, and then want to attempt more recent TLS versions to get more advanced features from the other end -- however I think we use the patch for now and revisit this if someone runs into this limit in the future. This seems like a protocol issue, so we could ask on the IETF list too...

/Simon

_______________________________________________
Help-gnutls mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnutls
