http://www3.tools.ietf.org/wg/tls/trac/ticket/16
Several people have raised the issue of what alerts must be fatal
and when they should be sent. NIST suggested that all fatal alerts
MUST be sent. They also suggested that the following alerts be fatal:
- bad_certificate
- unsupported_certificate
- certificate_revoked
- certificate_expired
We discussed this in Prague and, looking at the minutes, it looks
to me like the resolution was as follows:
- All fatal alerts MUST be sent
- For the above alerts, if you plan to tear down the connection
on that basis you MUST make them fatal and send them
- Add a warning that some implementations tear down the connection
for any alert, so warning alerts are dangerous. New implementations
SHOULD NOT tear down the connection for warning alerts.
Anyone disagree with this?
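An added example, not from the ticket or any WG implementation, that encodes and parses TLS alert records and applies the proposed resolution: a sender that intends to tear down the connection emits the alert at fatal level, and a receiver closes only on fatal alerts (close_notify, the warning-level alert that signals closure in RFC 5246 section 7.2.1, is the one exception). The alert codes are the RFC 5246 values; the function names and policy helpers are this example's own assumptions.

```python
"""TLS alert record handling under the fatal/warning policy discussed above."""
import struct

ALERT_CONTENT_TYPE = 21          # TLS record ContentType "alert"
WARNING, FATAL = 1, 2            # AlertLevel values (RFC 5246 section 7.2)
# AlertDescription values for close_notify and the four alerts named in the ticket.
ALERT_NAMES = {
    0: "close_notify",
    42: "bad_certificate",
    43: "unsupported_certificate",
    44: "certificate_revoked",
    45: "certificate_expired",
}


def build_alert(level, description, version=(3, 3)):
    """Return a 7-byte TLS record: type 21, version, length 2, level, description."""
    return struct.pack("!BBBHBB", ALERT_CONTENT_TYPE, version[0], version[1],
                       2, level, description)


def parse_alert(record):
    """Parse a TLS alert record into (level, description); reject malformed input."""
    if len(record) != 7:
        raise ValueError("alert record must be exactly 7 bytes")
    ctype, _major, _minor, length, level, desc = struct.unpack("!BBBHBB", record)
    if ctype != ALERT_CONTENT_TYPE or length != 2:
        raise ValueError("not an alert record")
    if level not in (WARNING, FATAL):
        raise ValueError("unknown alert level %d" % level)
    return level, desc


def alert_to_send(description, will_tear_down):
    """Sender side (assumed helper): an alert that motivates tearing down the
    connection MUST be sent at fatal level; otherwise it goes out as a warning."""
    return build_alert(FATAL if will_tear_down else WARNING, description)


def handle_received_alert(record):
    """Receiver side for a new implementation (assumed helper): close on fatal
    alerts and on close_notify, keep the connection open for other warnings."""
    level, desc = parse_alert(record)
    name = ALERT_NAMES.get(desc, "alert_%d" % desc)
    if level == FATAL or desc == 0:
        return "close", name
    return "continue", name
```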