Re: [TLS] multi-identity support in RFC 8446

2023-03-01 Thread Benjamin Kaduk
On Thu, Mar 02, 2023 at 04:29:11AM +, Peter Gutmann wrote:
> Chuck Lever III writes:
>
> >We're implementing TLSv1.3 support for PSK and note there is a capability in
> >the PSK extension described in S 4.2.11 for sending a list of identities. We
> >don't find support for a list of alternate

Re: [TLS] multi-identity support in RFC 8446

2023-03-01 Thread Peter Gutmann
Chuck Lever III writes:

>We're implementing TLSv1.3 support for PSK and note there is a capability in
>the PSK extension described in S 4.2.11 for sending a list of identities. We
>don't find support for a list of alternate identities implemented in user
>space TLS libraries such as GnuTLS or

Re: [TLS] multi-identity support in RFC 8446

2023-03-01 Thread Andrei Popov
Hi Chuck,

> A quick browse of other sections of RFC 8446 does not show a similar
> capability for sending multiple certificates.

This can be done using TLS 1.3 post-handshake client auth (https://www.rfc-editor.org/rfc/rfc8446#section-4.2.6). However, this is an optional TLS 1.3 feature and

[TLS] multi-identity support in RFC 8446

2023-03-01 Thread Chuck Lever III
Hi- We're implementing TLSv1.3 support for PSK and note there is a capability in the PSK extension described in S 4.2.11 for sending a list of identities. We don't find support for a list of alternate identities implemented in user space TLS libraries such as GnuTLS or OpenSSL. Is there a known