Changes between Version 36 and Version 37 of KarlsruheHackathon2017


Ignore:
Timestamp:
11/11/17 12:18:00 (5 years ago)
Author:
Steffan Karger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • KarlsruheHackathon2017

    v36 v37  
    9494* block-ipv6 patch
    9595  * considered good idea, arne will cleanup patch and resend patch
     96
     97
     98 * `--tls-cert-profile`
     99   * The OpenSSL 'custom security callbacks' are undocumented and not very well fit to implement an mbed TLS-like tls-cert-profile option.
     100   * So, instead of trying to mimic the mbed TLS behaviour, just go for the much simpler approach and set OpenSSL seclevels.  We'll accept slightly different behaviour between openssl and mbed TLS, at least for now.
     101   * Steffan will send David his patches that attemp to reimplement tls-cert-profile for openssl, so he can give it a try too if he wants to.
     102   * Steffan will send a v2 of the mbed patch that will print a warning for openssl build, instead of refusing to start, if --tls-cert-profile is used.
     103   * Steffan will later send a patch to implement the seclevel approach for openssl.