Add extra TODO to find out more about status_request extension during

session resumption
author: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-29 07:11:58 +0400
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-29 07:11:58 +0400
commit: 3680102348f4c321277de0fa3874f5f4b22e7a3c (patch)
tree: 026faa742c4266dc778359f9bf47e857fee093e9 /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
parent: 413bd3cc1d5f79fca3b685235c5f74bd954e909a (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
index 354beae1..eefaf41c 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
@@ -695,6 +695,10 @@ public class TlsServerProtocol
 
             this.securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(this.serverExtensions);
 
+            /*
+             * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
+             * a session resumption handshake.
+             */
             this.allowCertificateStatus = !this.resumedSession
                 && TlsUtils.hasExpectedEmptyExtensionData(this.serverExtensions, TlsExtensionsUtils.EXT_status_request,
                     AlertDescription.internal_error);
author	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-29 07:11:58 +0400
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-29 07:11:58 +0400
commit	3680102348f4c321277de0fa3874f5f4b22e7a3c (patch)
tree	026faa742c4266dc778359f9bf47e857fee093e9 /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
parent	413bd3cc1d5f79fca3b685235c5f74bd954e909a (diff)