Joe Birr-Pixton
Joe Birr-Pixton
If we set `ServerConfig::max_fragment_size` or `ClientConfig::max_fragment_size` it is expected that all the TLS messages are no larger than this. However, this is only true if the messages are unencrypted: after...
If you were only interested in using TLS1.3, it would be ideal if all the TLS1.2 code were discarded at link-time. For code size, complexity and very convincing attack surface...
This is a big list of unsorted, unprioritised issues found from x509test cases. I'm not making any particular claim that these are important issues, or even issues we want to...
This PR adds 90 additional test cases generated from the [google/x509test](https://github.com/google/x509test) test corpus. The process for that conversion is over on [ctz/webpki-x509test](https://github.com/ctz/webpki-x509test). This PR doesn't include test cases that unexpectedly...
I have the following cert: ``` Certificate: Data: Version: 3 (0x2) Serial Number: 456 (0x1c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ponytown level 2 intermediate Validity Not Before: May 20 21:59:24 2016...
This was previously reported in #8083, and that was closed by fixing the problem in `openssl s_client` rather than the library. The issue is that any of: ``` SSL_set_tlsext_host_name(ssl, "[email protected]");...
Draft for the moment. This is on top of #1784. I probably won't do `rustls-postquantum` as a separate crate, but it made sense at the time (and avoids the `unstable`...
This: - builds docs off main nightly, and on changes. Making this work for multiple branches (release branches, etc) is possible, but _not_ for foreign forks or arbitrary branches. This...
See https://datatracker.ietf.org/doc/draft-davidben-tls-key-share-prediction/ for background. The first three commits are "the friends we made along the way". fixes #1512