aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2018-04-30 00:42:34 +0200
committerDaniel Stenberg <daniel@haxx.se>2018-04-30 00:42:34 +0200
commite085ea95efb51208fcd163550fd3e21f78e3553f (patch)
treeeaa996493d6633634f56958bc15e8af8fa72ae24 /docs
parent0cbfff98953155c590f447f15422e78ca64d49c4 (diff)
TODO: Support the clienthello extension
Closes #2299
Diffstat (limited to 'docs')
-rw-r--r--docs/TODO11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 4a3a9b7d9..cd0d6f2b6 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -115,6 +115,7 @@
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
13.12 Support HSTS
13.13 Support HPKP
+ 13.14 Support the clienthello extension
14. GnuTLS
14.1 SSL engine stuff
@@ -807,6 +808,16 @@ that doesn't exist on the server, just like --ftp-create-dirs.
Doc: https://developer.mozilla.org/de/docs/Web/Security/Public_Key_Pinning
RFC: https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21
+13.14 Support the clienthello extension
+
+ Certain stupid networks and middle boxes have a problem with SSL handshake
+ pakets that are within a certain size range because how that sets some bits
+ that previously (in older TLS version) were not set. The clienthello
+ extension adds padding to avoid that size range.
+
+ https://tools.ietf.org/html/rfc7685
+ https://github.com/curl/curl/issues/2299
+
14. GnuTLS
14.1 SSL engine stuff