On 11/20/20 8:53 PM, Adnan Maolood wrote: > I've been working on a simpler alternative to TLS, mostly for fun and > also as a learning excersize to have a better understanding of how TLS > works. > > You can find it here: > https://sr.ht/~adnano/miso/ > > Obviously this has not undergone any security audits, so don't use it > for anything serious. > > Biggest differences from TLS: > > - No certificate authorities; use TOFU instead > - No version negotiation > - No session resumption > - Encrypted server name indication > - Much simpler > > Let me know what you think! # 2.1 Protocol Overview Application Data: C <- Status 0 <- S C <- App Data <- S C -> Status 0 -> S C -> App Data -> S ... C <- Status 1 <- S -- Connection closed ## 2.4 Close Notify The client and server MUST send the status code FINISHED before closing the connection. 2.1 shows only the server sending a 'finished' status, but 2.4 says both sides must do so?
---
Previous in thread (5 of 10): 🗣️ Emery (ehmry (a) posteo.net)
Next in thread (7 of 10): 🗣️ Adnan Maolood (me (a) adnano.co)