You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Each of those tests should dump the actual TLS session, ideally as a pcap file, and the session keys involved, so that the dumped trace can be automatically checked for protocol conformance.
The goal is to get stronger guarantees out of each test that gets written; as mentioned in #81, taking invalid transitions in the protocol is a major source of vulnerabilities.
The text was updated successfully, but these errors were encountered:
We have quite a few tests that produce actual TLS sessions:
api.rs
seems to test rustls against itself;Each of those tests should dump the actual TLS session, ideally as a pcap file, and the session keys involved, so that the dumped trace can be automatically checked for protocol conformance.
The goal is to get stronger guarantees out of each test that gets written; as mentioned in #81, taking invalid transitions in the protocol is a major source of vulnerabilities.
The text was updated successfully, but these errors were encountered: