Ilari Liusvaara writes:
>You mean overflow the maximum field size (64kB)?
No, just the 16kB message size, so you get what should be a ~100-byte cert
request that's 20-30kB long. The code assumed - and I know this is crazy talk
here - that a 100-byte message would fit easily into a 16kB I/O
On Thu, Apr 13, 2023 at 02:35:50AM +, Peter Gutmann wrote:
> Salz, Rich writes:
>
> >Is this generally used? Would things go badly if we stopped sending them?
>
> Just as a data point, in the SCADA world it seems to be universally ignored.
> I've seen everything from servers that send a
One purpose additional to the already mentioned selection of the "right"
client certificate may be to truncate the sent client certificate path
at such a CA certificate, though that certificate is already available
at the server.
If x509 is used at all for IoT, such a truncation may reduce the