diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-29 07:11:58 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-29 07:11:58 +0400 |
commit | 3680102348f4c321277de0fa3874f5f4b22e7a3c (patch) | |
tree | 026faa742c4266dc778359f9bf47e857fee093e9 /core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java | |
parent | 413bd3cc1d5f79fca3b685235c5f74bd954e909a (diff) |
Add extra TODO to find out more about status_request extension during
session resumption
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java index e4eb59b8..a1df0e33 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java @@ -720,6 +720,10 @@ public class TlsClientProtocol this.securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(sessionServerExtensions); + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ this.allowCertificateStatus = !this.resumedSession && TlsUtils.hasExpectedEmptyExtensionData(sessionServerExtensions, TlsExtensionsUtils.EXT_status_request, AlertDescription.illegal_parameter); |