diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2020-01-15 11:05:31 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2020-01-20 17:38:12 +0100 |
commit | f39b85db96c099c5f851f000cb74fb5200e05919 (patch) | |
tree | 6bbb6ce49e1610435ab20db79ec63b9c3145a299 /NEWS | |
parent | 6ab20d77120f818522863bd43cab20541e0afa57 (diff) | |
download | gnutls-f39b85db96c099c5f851f000cb74fb5200e05919.tar.gz |
tls13: request OCSP responses as a server
The TLS1.3 protocol requires the server to advertise an empty
OCSP status request extension on its certificate verify message
for an OCSP response to be sent by the client. We now always
send this extension to allow clients attaching those responses.
Resolves: #876
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -42,7 +42,8 @@ See the end for copying conditions. have been marked as insecure otherwise (#877). ** libgnutls: On client side only send OCSP staples if they have been requested - by the server (#876). + by the server, and on server side always advertise that we support OCSP stapling + (#876). ** libgnutls: The default-priority-string added to system configuration to allow overriding compiled-in default-priority-string. |