On Wed, Mar 28, 2018 at 9:44 AM, Viktor Dukhovni <openssl-us...@dukhovni.org > wrote:
> It would make more sense for C to issue short-term client certificates.
> Session tickets are for session resumption. In particular they
> can't authenticate the server to the client, so you still need
> an initial handshake for that.
>
> To do GSSAPI with TLS, do TLS on the outside (client authenticates
> the server and establishes a secure channel), and then GSSAPI
> with channel binding (server authenticates the client as being the
> party at the other end of the channel).

It would make more sense, but you're changing the problem definition. Needham-Schroeder is intended to be used over an insecure network.

--
"Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred." - The Mahābhārata
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users