[ Redirecting to openssl-users ]
On Wed, Aug 13, 2014 at 01:05:24AM +0400, Fedor Indutny wrote:
> I just discovered that there is no way to force OpenSSL SSL client to send
> Certificate record if server hasn't sent CertificateRequest.
That would be a TLS protocol violation.
> Would a patch that will this API hole be welcome? What API do you guys have
> in mind?
There is no need for an API for a non-interoperable feature that
would violate the TLS protocol:
https://tools.ietf.org/html/rfc5246#section-7.4.6
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
