On Thu, 2008-05-29 at 10:12 +0200, Balazs Scheidler wrote: > On Thu, 2008-05-29 at 09:45 +0200, Rainer Gerhards wrote: > > Inline... > > > -----Original Message----- > > > From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, May 29, 2008 2:32 AM > > > To: Rainer Gerhards; [email protected] > > > Subject: RE: [Syslog] Fingerprint/handshake > > > > > > Hi Rainer, > > > > > > A TLS alert could be sent by the server indicating the error condition. > > > Would this help? > > > That's an interesting idea. Let me give it a try. Will provide feedback > > when I have done this. In any case, if it turns out to be a problem with > > one library, we may be better of mandating that all verification is done > > during the handshake... > > By the way, I've read in your implementation report that it is not > possible to terminate the handshake with OpenSSL either. This is not the > case, you can do that.
Ah, good to know. So it looks like this is a single-library problem, about which the standard should obviously not care. Bazsi, could you do me a favor and let me know which callback you use, so that I can get to the specifics (also for the GnuTLS folks). I'd really appreciate that. Thanks, Rainer _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
