HeartBleed 和客户端证书

Question

   A HeartbeatRequest message can arrive almost at any time during the
   lifetime of a connection.  Whenever a HeartbeatRequest message is
   received, it SHOULD be answered with a corresponding
   HeartbeatResponse message.

我相信这意味着它可能发生在 TLS 的“hello”阶段，客户端和服务器正在交换证书，即在服务器可以根据证书或缺少证书对客户端说“不”之前。

Answer 1

从RFC 6520：

   A HeartbeatRequest message can arrive almost at any time during the
   lifetime of a connection.  Whenever a HeartbeatRequest message is
   received, it SHOULD be answered with a corresponding
   HeartbeatResponse message.

我相信这意味着它可能发生在 TLS 的“hello”阶段，客户端和服务器正在交换证书，即在服务器可以根据证书或缺少证书对客户端说“不”之前。

HeartBleed 和客户端证书

答案1

相关内容