After PR #625 all alerts are required to be sent with fatal AlertLevel except
for close_notify, end_of_early_data, and user_canceled. Since those three
alerts all have separate specified behavior, the AlertLevel field is not
serving much purpose, other than providing potential for misuse. We
On Fri, Oct 14, 2016 at 05:10:01PM +0200, Hubert Kario wrote:
> On Thursday, 13 October 2016 23:33:19 CEST Ilari Liusvaara wrote:
> > Ok, dumped the handshake using wireshark. Wireshark seems to think
> > the SNI with two lengths is perfectly sane.
>
> that's because wireshark doesn't perform
On Fri, Oct 14, 2016 at 05:15:48PM +0200, Hubert Kario wrote:
> On Friday, 14 October 2016 14:34:49 CEST Kazuho Oku wrote:
> > Considering that, to me it seems preferable if the draft stated that
> > both PKCS1 and SHA1 are obsoleted, and are allowed to be only used in
> > certificates. Or is
On Friday, 14 October 2016 14:34:49 CEST Kazuho Oku wrote:
> Considering that, to me it seems preferable if the draft stated that
> both PKCS1 and SHA1 are obsoleted, and are allowed to be only used in
> certificates. Or is there any need to handle PKCS1 and SHA1
> differently in protocol
On Mon, Oct 10, 2016 at 11:27 PM, Martin Thomson
wrote:
> On 11 October 2016 at 07:57, Kyle Rose wrote:
>> FWIW, Patrick McManus made a pretty eloquent and convincing case in Berlin
>> that the web is substantially broken without retry logic in the