i just published a client & server implementation of TLS-SRP, based
on crypto/tls.

TLS-SRP lets a client make a secure, authenticated TLS connection
to a server with only a username and password. no certificates are
needed. no certificate authorities have to be trusted.

you can find it at:


this code is based on a stripped down version of crypto/tls from the
1.2 branch. i didn't integrate tls-srp into crypto/tls because it would
complicate the implementation (and tls-srp isn't in high demand afaik).
also, the api/interface would become less simple.

i tested it (successfully) against gnutls and openssl. the code could
still use a good (security) review. other feedback is welcome too!

You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupgolang-nuts @
postedMay 3, '14 at 1:31a
activeMay 3, '14 at 1:31a

1 user in discussion

Mechiel Lukkien: 1 post



site design / logo © 2022 Grokbase