[
https://issues.apache.org/jira/browse/MESOS-9879?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16931390#comment-16931390
]
Benno Evers commented on MESOS-9879:
------------------------------------
Given that the behaviour described here is mandated by the TLS spec and testing
it would require implementing a custom, buggy TLS implementation, I think it's
safe to say the costs outweigh the benefits here. Closing this as "Wont fix".
> Create a unit test ensuring that a client certificate requests are properly
> ignored
> -----------------------------------------------------------------------------------
>
> Key: MESOS-9879
> URL: https://issues.apache.org/jira/browse/MESOS-9879
> Project: Mesos
> Issue Type: Improvement
> Reporter: Benno Evers
> Priority: Major
> Labels: libprocess, ssl, tls
>
> When a TLS server sends a Client Certificate Request as part of the handshake
> and the client does not have a certificate available, the TLS specification
> mandates that the client shall attempt to continue the connection attempt
> sending a zero-length certificate.
> We should write a unit test verifying libprocess handles this correctly when
> acting as a client, although it's not completely clear how this might be
> implemented.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
