proposal icon indicating copy to clipboard operation
proposal copied to clipboard

Published 20 hours ago verified publisher icon grpc

L46: C-core: New TLS Credentials API

Open ZhenLian opened this issue 4 years ago • 8 comments

ZhenLian avatar Sep 08 '20 06:09 ZhenLian

Please include the language in the title for "L" proposals. Thanks!

dfawley avatar Sep 08 '20 16:09 dfawley

Please include the language in the title for "L" proposals. Thanks!

Sure, sounds good!

ZhenLian avatar Sep 08 '20 17:09 ZhenLian

@yihuazhang Hey Yihua, can you please take a look at the Custom Authorization section? That part remains almost unchanged. I included some examples a the end, and it would be great to have you double check that the logic is correct. Thank you so much!

ZhenLian avatar Sep 10 '20 06:09 ZhenLian

CC @jtattermusch

jtattermusch avatar Oct 05 '20 08:10 jtattermusch

Hi, this looks great, however we were wondering if this can also support TLS-PSK (Pre-Shared Keys)?

For TLS 1.3 the TLS-PSK mode enables 0-RTT handshakes, reducing overhead for resource constrained use-cases

7hacker avatar Oct 07 '20 18:10 7hacker

Hi, this looks great, however we were wondering if this can also support TLS-PSK (Pre-Shared Keys)?

For TLS 1.3 the TLS-PSK mode enables 0-RTT handshakes, reducing overhead for resource constrained use-cases

No, I don't think so. This API is mainly for "common" TLS with asymmetric keys.

ZhenLian avatar Oct 12 '20 20:10 ZhenLian

Proposal - grpc library to provide support to configure TLS version at run time? Such that application can opt TLS version (1.2 or 1.3) at run time. Basically user can configure TLS version to use.

mankhakb avatar Mar 06 '23 04:03 mankhakb

This proposal has APIs for setting TLS version and JFYI I have https://github.com/grpc/grpc/pull/31368 pending review for this.

rockspore avatar Mar 06 '23 17:03 rockspore