On Fri, Aug 21, 2015 at 4:07 PM, Salz, Rich wrote:
>
> > Are there any recommended ways to avoid certificates being sent in
> > cleartext? That is, to first establish an anonymous encrypted channel, and
> > then to authenticate within the encrypted channel.
>
> Not without breaking the protocol.
>
If
>Are there any recommended ways to avoid certificates being sent in cleartext?
>That is, to first establish an anonymous encrypted channel, and then to
>authenticate within the encrypted channel.
Not without breaking the protocol.
>I am also aware of some of the work in progress on TLS 1.3. It
Hi,
When using openssl to establish an authenticated DTLS 1.2 connection,
certificates for both the client and the server are sent in cleartext
during the handshake. From what I understand, this is a protocol issue, for
example addressed in the draft: "Transport Layer Security (TLS) Encrypted
Hand