Joe Birr-Pixton
Joe Birr-Pixton
> As it is currently, rustls **_owns_ the data _anyways_** due to at least 2 (IIRC) unnecessary allocating copies of the appdata passed in Could you point out where this...
Maybe a better name for this type is just `rustls::Error`?
It seems pretty low cost to have the deprecated alias, so let's do that IMO.
I think things which are named after external standards should use the naming in those standards, as far as possible. I think that means: - `CHACHA20_POLY1305_SHA256` as a cipher suite...
See also the discussion on #995
I think it's notable that these issues are both complaining about the first operations on memory written by AES-GCM seal/unseal operations? Likely these are assembly operations, which means msan's shadow...
I think maybe we'll want to solve a few issues with the same/similar mechanism: - asynchronous server certificate validation by client (the primary problem) - asynchronous client certificate validation by...
We'll need the actual certificate concerned to provide any help here.
First point of confusion: we have [specific tests](https://github.com/rustls/rustls/blob/main/rustls/tests/api.rs#L751-L780) for this case that were added well before 0.17. It seems, then, that this test is ineffective or is testing something else....
> My plan is to do #1 first. I'm hoping the client-side code of Rustls can then be easily modified to pass staplied OCSP responses to webpki as part of...