Re: [TLS] TLS 1.2

Mike <mike-list@pobox.com> Wed, 01 August 2007 19:00 UTC

Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IGJRH-0003T7-0B; Wed, 01 Aug 2007 15:00:55 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IGJRF-0003Sl-Ss for tls@ietf.org; Wed, 01 Aug 2007 15:00:53 -0400
Received: from rune.pobox.com ([208.210.124.79]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IGJRF-00083O-Jk for tls@ietf.org; Wed, 01 Aug 2007 15:00:53 -0400
Received: from rune (localhost [127.0.0.1]) by rune.pobox.com (Postfix) with ESMTP id 02DDA1196D6 for <tls@ietf.org>; Wed, 1 Aug 2007 15:01:15 -0400 (EDT)
Received: from [192.168.1.8] (wsip-24-234-114-35.lv.lv.cox.net [24.234.114.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by rune.sasl.smtp.pobox.com (Postfix) with ESMTP id ADA111196D4 for <tls@ietf.org>; Wed, 1 Aug 2007 15:01:14 -0400 (EDT)
Message-ID: <46B0D8B5.6000203@pobox.com>
Date: Wed, 01 Aug 2007 12:02:13 -0700
From: Mike <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.5 (Windows/20070716)
MIME-Version: 1.0
To: tls@ietf.org
Subject: Re: [TLS] TLS 1.2
References: <46ABB82D.8090709@pobox.com>
In-Reply-To: <46ABB82D.8090709@pobox.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906
Cc:
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

To the person trying to interoperate with my server:

You uncovered a bug in my server that was looking for
a HashType in the CertificateVerify message regardless
of the key type.  I fixed it so now it only looks for
that if it's an RSA client certificate.

Also, your client gets as far as establishing the
master secret, but when an encrypted packet arrives,
either the MAC or padding is invalid.  I will look
over my code to see if it's my fault.

Mike


Mike wrote:
> I realize it's still a moving target, but I updated
> my test server to implement TLS 1.2 as of the latest
> draft (-04).  You can test against it at
> 
>       https://www.mikestoolbox.net
> 
> Mike

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls