The same situation with the Windows TLS stack: we're not parsing status_request
carried in the CertificateRequest message. There has not been a business
case/request to support this for client certs.
Cheers,
Andrei
From: TLS On Behalf Of David Benjamin
Sent: Friday, May 20, 2022 10:24 AM
To:
Prior to TLS 1.3, it wasn't possible because the Certificate message didn't
have extensions. Starting TLS 1.3, it looks like we did define
status_request to be allowed in either direction. We (BoringSSL) never
implemented the client certificate direction, since we haven't needed it
yet. We just ign
Do client programs staple a status when sending a cert to the server? It seems
possible, someone just asked me if anyone does it.
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls