Eduard Suica

Waw, impressive! Thank you for the detailed report. I will try to solve most of them after September 1st - I'm wandering around in South America until August, 31. But...

Hello! I'm not sure I understand. "The router is not working properly"? Can you please provide more details? Thank you!

You're wright! The problems seems to be with: ``` int tls_certificate_verify_signature(struct TLSCertificate *cert, struct TLSCertificate *parent) { if ((!cert) || (!parent) || (!cert->sign_key) || (!cert->fingerprint) || (!cert->sign_len) || (!parent->der_bytes) ||...

The correct solution is to have a full ANS1 X.509 implementation (mine is a minimalist-heuristic one). I will try to generate an alternative implementation with asn1c and select one or...

I understand, but I want TLSe to also run on chips (like ESP32). I'll figure something out :) Thanks!

@Wertzui123 yes, it is a security issue. Make the connection vulnerable to Man-In-The-Middle attack (not validating the certificate means not validating the server or client identity). I'm working on an...

@sjaeckel cool! Didn't know ltc had one :). That is great, thanks for the info! I'll try it this week-end.

Thanks for reporting this. I never really tested client certificates on TLS 1.3. I'll take a look today. > In [tls_build_certificate, line 10019](https://github.com/eduardsui/tlse/blob/312c13c273501e042ad0b6918738099c0f4f95fa/tlse.c#L10019), we treat all_certificate_size > 0 differently from...

@svkampen can you create a pull request for this? Thanks!