Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gh-95341: Implement tls-exporter channel bindings and export key materials #95366

Draft
wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

gh-95341: Implement tls-exporter channel bindings and export key materials #95366

wants to merge 6 commits into from
+225 −44

Conversation

tiran
Copy link
Member

@tiran tiran commented Jul 28, 2022
edited by bedevere-bot
Loading

This was referenced Jul 28, 2022
Closed
Closed
Open
@oberstet oberstet mentioned this pull request Jul 31, 2022
Open
@Neustradamus
Copy link

@tiran: Thanks for your PR!

Can you add tls-exporter/9266 like tls-unique/5929 in files too?

@Neustradamus
Copy link

@tiran: Have you an idea when it will be merged?

Thanks for your work!

@tiran
Copy link
Member Author

tiran commented Aug 6, 2022

When it's ready. There is no need to rush this PR. The feature window for 3.12 is open for another 8 months.

@Neustradamus
Copy link

@tiran: Thanks for your answer! No problem ^^

@Neustradamus
Copy link

Hi @tiran, I see "v3.12.0a1" but it is without this PR :/

Can you look?

Thanks in advance.

@TheZ3ro
Copy link

TheZ3ro commented May 25, 2023

any news about this @tiran ?

@TheZ3ro TheZ3ro mentioned this pull request May 25, 2023
Open
@Neustradamus
Copy link

@tiran: Have you progressed on it since more one year?

cc: @wingel

@Neustradamus
Copy link

Neustradamus commented Nov 8, 2023
edited
Loading

@tiran: I think that you have seen the jabber.ru MITM:

Can you add "tls-server-end-point" from RFC5929 too?

It is needed for all SCRAM-SHA-*-PLUS (several RFCs) and specified in:

Thanks in advance.

@Neustradamus Neustradamus mentioned this pull request Nov 9, 2023
Open
@Neustradamus Neustradamus mentioned this pull request Nov 19, 2023
Open
@Neustradamus
Copy link

Dear @python team,

It is possible to look for @tiran PR:

Security is important!

  • tls-unique for TLS =< 1.2
  • tls-server-end-point
  • tls-exporter for TLS = 1.3

Several projects/products wait you...

@erlend-aasland erlend-aasland added the type-security A security issue label Jan 4, 2024
This was referenced Feb 9, 2024
Closed
Closed
@Neustradamus Neustradamus mentioned this pull request May 8, 2024
Closed
Neustradamus referenced this pull request Oct 26, 2024
@pitrou
Issue #12551: Provide a get_channel_binding() method on SSL sockets s…
d649480 
…o as

to get channel binding data for the current SSL session (only the
"tls-unique" channel binding is implemented).  This allows the
implementation of certain authentication mechanisms such as SCRAM-SHA-1-PLUS.

Patch by Jacek Konieczny.
@fabiang fabiang mentioned this pull request Nov 12, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
awaiting core review type-security A security issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tiran @Neustradamus @TheZ3ro @erlend-aasland @bedevere-bot