Root cause: unvalidated
A malicious TLS server can send a warning-level no_renegotiation alert after its ServerHello but before the handshake completes, in session resumption flows (TLS 1.3 PSK / TLS 1.2 session ticket) where extensions populate state. Outcome: Fixed in 3.6.15 by commit 29ee67c2.