Re: [TLS] Issue 16: Alert clarifications

Martin Rex wrote:
> 
> The "no_certificate" and "no_renegotiation" message, when sent as
> warning (not as fatal) are definitely not errors, they just happen
> to share the same messaging primitive (SSL alert) and are therefore
> described in this section as well.

I should have written "ssl alert" instead of "message".

When I just compared SSLv3 and TLSv1, I realized subtle differences
that are not listed as (backwards incompatible) changes to the spec.

A list of changes from SSLv3 -> TLSv1.0 -> TLSv1.1 -> TLSv1.2
seems to be missing badly from the existing documents.

SSLv3 still had a "no_certificate" (warning) alert, which has evaporated
without a trace from TLSv1.0.  Instead, TLSv1.0 allows an empty
certificate list in the (server and) Client Certificate message, something
that was _NOT_ permitted in SSLv3.

I also noticed that the Certificate Request message was silently changed
from TLSv1.0 to TLSv1.1, suddenly permitting an empty list of DNames
(which is _NOT_ permitted in SSLv3 and TLSv1.0).

Actually, I quite dislike this latter feature because it will be
annoying to users with multiple client certs if automatic selection
of a matching cert is impossible.

-Martin
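The two version-dependent encoding rules contrasted in the message above, as an added example that is not code from the thread or from any TLS implementation: parsers for the Certificate and CertificateRequest handshake bodies that reject an empty certificate_list under SSLv3 (where the no_certificate alert was used instead) and an empty certificate_authorities list before TLSv1.1. The vector bounds in the docstrings are the ones from the SSLv3, TLS 1.0 and TLS 1.1 specifications; the sample bodies at the end are constructed, not captured.

```python
SSL3, TLS10, TLS11, TLS12 = (3, 0), (3, 1), (3, 2), (3, 3)

def _vec(buf, off, len_bytes):
    """Read one TLS vector: big-endian length field, then that many bytes."""
    n = int.from_bytes(buf[off:off + len_bytes], "big")
    start = off + len_bytes
    if off + len_bytes > len(buf) or start + n > len(buf):
        raise ValueError("truncated vector")
    return buf[start:start + n], start + n

def _items(raw, len_bytes):
    """Split a vector body into its own length-prefixed elements."""
    out, p = [], 0
    while p < len(raw):
        item, p = _vec(raw, p, len_bytes)
        out.append(item)
    return out

def parse_certificate(body, version):
    """certificate_list<0..2^24-1> in TLS 1.0+; SSLv3 declared <1..2^24-1>,
    so the empty list that replaces its no_certificate alert is rejected."""
    lst, off = _vec(body, 0, 3)
    certs = _items(lst, 3)
    if not certs and version < TLS10:
        raise ValueError("empty certificate_list not permitted in SSLv3")
    return certs

def parse_certificate_request(body, version):
    """certificate_types, [supported_signature_algorithms in TLS 1.2,]
    certificate_authorities: <3..2^16-1> until TLS 1.0, <0..2^16-1> from 1.1."""
    types, off = _vec(body, 0, 1)
    if not types:
        raise ValueError("certificate_types must not be empty")
    sig_algs = []
    if version >= TLS12:
        raw, off = _vec(body, off, 2)
        sig_algs = [(raw[i], raw[i + 1]) for i in range(0, len(raw) - 1, 2)]
    dn_raw, off = _vec(body, off, 2)
    if off != len(body):
        raise ValueError("trailing bytes after certificate_authorities")
    dns = _items(dn_raw, 2)
    if not dns and version < TLS11:
        raise ValueError("empty certificate_authorities needs TLS 1.1+")
    return {"types": list(types), "sig_algs": sig_algs, "dns": dns}

# Constructed sample bodies (not captured from a real handshake).
EMPTY_CERT_LIST = b"\x00\x00\x00"                   # Certificate, zero certs
EMPTY_CA_LIST = b"\x01\x01\x00\x00"                  # rsa_sign type, no DNames
TLS12_REQUEST = b"\x01\x01\x00\x02\x04\x01\x00\x04\x00\x02CA"  # one DName "CA"
```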

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls