TODO: Support the clienthello extension

author Daniel Stenberg <daniel@haxx.se>

Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)
author Daniel Stenberg <daniel@haxx.se>
Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)
diff --git a/docs/TODO b/docs/TODO

index 4a3a9b7d9614f77917d9ae10665f4ab3fe66b4dd..cd0d6f2b603f0a049c0b988a6faf87adf2b0da50 100644 (file)
--- a/docs/TODO
+++ b/docs/TODO
@@ -115,6 +115,7 @@
   13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
   13.12 Support HSTS
   13.13 Support HPKP
+ 13.14 Support the clienthello extension
  
   14. GnuTLS
   14.1 SSL engine stuff
@@ -807,6 +808,16 @@ that doesn't exist on the server, just like --ftp-create-dirs.
   Doc: https://developer.mozilla.org/de/docs/Web/Security/Public_Key_Pinning
   RFC: https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21
  
+13.14 Support the clienthello extension
+
+ Certain stupid networks and middle boxes have a problem with SSL handshake
+ pakets that are within a certain size range because how that sets some bits
+ that previously (in older TLS version) were not set. The clienthello
+ extension adds padding to avoid that size range.
+
+ https://tools.ietf.org/html/rfc7685
+ https://github.com/curl/curl/issues/2299
+
  14. GnuTLS
  
  14.1 SSL engine stuff
author	Daniel Stenberg <daniel@haxx.se>
	Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Sun, 29 Apr 2018 22:42:34 +0000 (00:42 +0200)