On 11/23/2012 02:58 PM, Xuelei Fan wrote:
On 11/23/2012 1:59 AM, Florian Weimer wrote:Is the extension actually being processed?Yes.sun.security.ssl.HandshakeHash.setCertificateVerifyAlg(String) appears to have no effect because the cvAlg member is never read.Need to clean up the code. We do not actually use the above code to verify CertificateVerify message for TLS 1.2.
Okay, I will try to come up with a patch. -- Florian Weimer / Red Hat Product Security Team
