Re: [TLS] TLS renegotiation issue

To: Marsh Ray <marsh at extendedsubset.com>
Subject: Re: [TLS] TLS renegotiation issue
From: Nicolas Williams <Nicolas.Williams at sun.com>
Date: Thu, 5 Nov 2009 16:31:30 -0600
Cc: "tls at ietf.org" <tls at ietf.org>
Delivered-to: tls at core3.amsl.com
In-reply-to: <4AF351A9.30409 at extendedsubset.com>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <20091105203817.GK1105 at Sun.COM> <200911052156.nA5LujHw015785 at fs4113.wdf.sap.corp> <20091105220641.GM1105 at Sun.COM> <4AF351A9.30409 at extendedsubset.com>
User-agent: Mutt/1.5.7i

On Thu, Nov 05, 2009 at 04:28:57PM -0600, Marsh Ray wrote:
> Nicolas Williams wrote:
> > I don't think it was ever really true that "the IETF doesn't do APIs".
> 
> I would add here that if the IETF had compared the way TLS looks on the
> wire with how it is presented by SSL APIs in practice, this defect could
> not have gone unnoticed.

Indeed.  Larry Zhu described to me how the SSPI models TLS just a few
days ago.  I should have noticed immediately the lack of binding, but
because I wasn't also thinking of HTTPS, I didn't.

I'd go far enough to say that we must consider at least abstract APIs to
protocols such as TLS.

Nico
--

Follow-Ups:
- Re: [TLS] TLS renegotiation issue
  - From: Blumenthal, Uri - 0662 - MITLL

References:
- Re: [TLS] TLS renegotiation issue
  - From: Nicolas Williams
- Re: [TLS] TLS renegotiation issue
  - From: Martin Rex
- Re: [TLS] TLS renegotiation issue
  - From: Nicolas Williams
- Re: [TLS] TLS renegotiation issue
  - From: Marsh Ray

Prev by Date: Re: [TLS] TLS renegotiation issue
Next by Date: Re: [TLS] TLS renegotiation issue
Previous by thread: Re: [TLS] TLS renegotiation issue
Next by thread: Re: [TLS] TLS renegotiation issue
Index(es):
- Date
- Thread

Re: [TLS] TLS renegotiation issue

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.