Show all posts by user
Discussions in Russian
Page 1 of 1 Pages: 1
Results 1 - 3 of 3
Very interesting. Thanks for these links Maxim.
I would actually favour Steffen's patch over my own for the completeness of
exposing both tls-unique and tls-server-end-point. I would note from the
second link however that this patch was abandoned due to the limited
application of channel binding where more comprehensive web infrastructure
may be deployed.
There is however a separate use for tls-
by
r12477
-
Nginx Development
The code which performs this digest is located in src/event/ngx_event_openssl.c - This is presently hard-coded to return a SHA1 fingerprint.
by
r12477
-
Other discussion
I have submitted a patch to the nginx-devel mailing list to expose the last Finished message as returned from OpenSSL SSL_get_peer_finished() as a new configuration variable, $ssl_client_tls_bind.
The value returned in this variable may be used in TLS channel binding operations as described in RFC 5929 (TLSv1.2) and RFC 9266 (TLSv1.3).
by
r12477
-
Ideas and Feature Requests