On Tue, Jan 22, 2019 at 02:48:26PM -0500, Viktor Dukhovni wrote:
> As for applications mishandling "SSL_CB_HANDSHAKE_START", not quite sure
> what to do there, but perhaps we could define a new even for keyUpdates
> that does not mislead applications into assuming a new "handshake".

I think calling anything a handshake that is not a handshake
should either be removed or renamed. KeyUpdate is not a handshake.
I'm not sure what we do in case of a session ticket, but it also
shouldn't send such events, but other events are probably useful
in that case.


openssl-project mailing list

Reply via email to