Erik Tkal <etks...@gmail.com> wrote:
> In order for EAP-FAST to work it seems that if the client does have a
> tls_session_secret, s->hit must NOT be set, since there is no indication
> in the ServerHello as to whether the session_ticket sent by the client is
> accepted by the server (the SessionTicket extension is not sent by the
> server in EAP-FAST).
[snip]

Although RFC4851 (an informational RFC documenting EAP-FAST) does not
require the server to send the session ticket extension during resumption,
it is based on RFC4507/RFC5077 (which are on the standards track), which
*do* require the server to send the extension. So this is a bug in the
non-conformant servers, not in the OpenSSL client.

The non-standard mechanism recommended by RFC4851 for distinguishing
resumption vs. full handshakes in EAP-FAST is quite unfortunate. We should
update RFC4851 to require standard RFC5077 semantics to be used. Is there
any effort underway to update RFC4851 for this or other reasons? It is
worth filing an erratum against the document, at least.

It would be better to fix this bug on the server (by having them send the
session ticket extension during resumption as required by RFC5077) than in
the OpenSSL client.

Cheers,
Brian
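The RFC 5077 client-side view that the thread argues EAP-FAST servers should honour, as an added example that is not code from this thread or from OpenSSL. It assumes TLS 1.2 wire format, constructs its own ServerHello messages (random bytes zeroed, cipher suite arbitrary, since no keys are derived), and models the situation Erik describes as a constructed ServerHello that carries neither RFC 5077 signal: no echoed session_id (RFC 5077 section 3.4, the server's way of telling the client it accepted the ticket) and no empty SessionTicket extension (section 3.3, the server's announcement that a NewSessionTicket follows). Against such a ServerHello a client applying RFC 5077 rules concludes that a full handshake is starting, which is exactly the mismatch with a server that then proceeds as if resumed.

```python
"""Added example (not from the openssl-dev thread or OpenSSL): how an RFC 5077
client decides, at ServerHello time, whether the server resumed the session it
offered via a session ticket, and what handshake message it should expect next."""
import struct
from typing import Dict, Tuple

HS_SERVER_HELLO = 2
EXT_SESSION_TICKET = 35        # RFC 5077 SessionTicket TLS extension type
TLS_1_2 = b"\x03\x03"
CIPHER = b"\xc0\x2f"           # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256; arbitrary for this example


def build_server_hello(session_id: bytes, extensions: Dict[int, bytes]) -> bytes:
    """Constructed TLS 1.2 ServerHello (handshake header + body). Random is all zeros
    because nothing here derives keys; only session_id and extensions matter."""
    if len(session_id) > 32:
        raise ValueError("session_id longer than 32 bytes")
    body = TLS_1_2 + bytes(32) + bytes([len(session_id)]) + session_id + CIPHER + b"\x00"
    if extensions:
        ext_body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions.items())
        body += struct.pack("!H", len(ext_body)) + ext_body
    return bytes([HS_SERVER_HELLO]) + len(body).to_bytes(3, "big") + body


def parse_server_hello(msg: bytes) -> Tuple[bytes, Dict[int, bytes]]:
    """Return (session_id, {ext_type: ext_data}); every length field is checked."""
    if len(msg) < 4 or msg[0] != HS_SERVER_HELLO:
        raise ValueError("not a ServerHello")
    body = msg[4:]
    if len(body) != int.from_bytes(msg[1:4], "big") or len(body) < 38:
        raise ValueError("handshake length mismatch")
    pos = 2 + 32                                   # skip server_version and random
    sid_len = body[pos]; pos += 1
    if sid_len > 32 or pos + sid_len + 3 > len(body):
        raise ValueError("bad session_id length")
    session_id = body[pos:pos + sid_len]; pos += sid_len
    pos += 3                                       # cipher_suite (2) + compression_method (1)
    extensions: Dict[int, bytes] = {}
    if pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated extensions length")
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
        if pos + ext_len != len(body):
            raise ValueError("extensions length mismatch")
        while pos < len(body):
            if pos + 4 > len(body):
                raise ValueError("truncated extension header")
            ext_type, data_len = struct.unpack("!HH", body[pos:pos + 4]); pos += 4
            if pos + data_len > len(body) or ext_type in extensions:
                raise ValueError("bad or duplicate extension")
            extensions[ext_type] = body[pos:pos + data_len]; pos += data_len
    return session_id, extensions


def client_view(sent_session_id: bytes, sent_ticket_ext: bool, server_hello: bytes) -> Tuple[bool, bool]:
    """RFC 5077 client decision. Returns (resumed, new_ticket_coming):
    resumed          - server echoed the non-empty session_id we offered (RFC 5077 s.3.4), so the
                       abbreviated handshake continues with the server's ChangeCipherSpec/Finished
    new_ticket_coming- server sent the empty SessionTicket extension (s.3.3), announcing a
                       NewSessionTicket message before its ChangeCipherSpec"""
    session_id, exts = parse_server_hello(server_hello)
    new_ticket_coming = EXT_SESSION_TICKET in exts
    if new_ticket_coming:
        if exts[EXT_SESSION_TICKET] != b"":
            raise ValueError("SessionTicket extension in ServerHello must be empty")
        if not sent_ticket_ext:                    # s.3.3: MUST NOT be sent unless the client sent one
            raise ValueError("server sent SessionTicket extension the client never offered")
    resumed = bool(sent_session_id) and session_id == sent_session_id
    return resumed, new_ticket_coming


def expected_next_server_message(resumed: bool, new_ticket_coming: bool) -> str:
    """What a conforming client waits for after ServerHello (RSA-authenticated suite assumed)."""
    if resumed:
        return "NewSessionTicket" if new_ticket_coming else "ChangeCipherSpec"
    return "Certificate"       # full handshake; any NewSessionTicket comes much later


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Three constructed ServerHellos answering a ClientHello that carried a ticket plus a 16-byte session_id."""
    client_sid = bytes(range(1, 17))
    cases = {
        # RFC 5077-conformant resumption: session_id echoed, empty extension announces a renewed ticket
        "rfc5077_resume": build_server_hello(client_sid, {EXT_SESSION_TICKET: b""}),
        # ticket rejected: fresh session_id, no extension, full handshake follows
        "full_handshake": build_server_hello(bytes(range(100, 132)), {}),
        # constructed model of the thread's problem: server resumes from the ticket but gives neither
        # signal, so at ServerHello the client cannot distinguish this from a full handshake
        "resume_without_signal": build_server_hello(b"", {}),
    }
    return {name: client_view(client_sid, True, sh) for name, sh in cases.items()}


if __name__ == "__main__":
    for name, (resumed, new_ticket) in demo().items():
        print(f"{name:22s} resumed={resumed!s:5s} next={expected_next_server_message(resumed, new_ticket)}")
```

The third case is where the two views collide: `client_view` answers "not resumed, expect Certificate", while a server that treated the ticket as accepted sends ChangeCipherSpec next. The RFC 5077 fix Brian asks for is entirely on the server side of this exchange (echo the session_id, send the empty extension when a ticket will follow); the client logic above needs no EAP-FAST special case once the server does that.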