Re: [TLS] TLS renegotiation issue

To: Nicolas Williams <Nicolas.Williams at sun.com>, Marsh Ray <marsh at extendedsubset.com>
Subject: Re: [TLS] TLS renegotiation issue
From: "Blumenthal, Uri - 0662 - MITLL" <uri at ll.mit.edu>
Date: Fri, 6 Nov 2009 10:23:35 -0500
Accept-language: en-US
Acceptlanguage: en-US
Cc: "tls at ietf.org" <tls at ietf.org>
Delivered-to: tls at core3.amsl.com
In-reply-to: <20091105223130.GN1105 at Sun.COM>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Thread-index: Acpeal0YLjVuNje/RNeyNT5lbOFT0AAir4d1
Thread-topic: [TLS] TLS renegotiation issue
User-agent: Microsoft-Entourage/13.0.0.090609

There's an example of using such abstract API in SNMPv3. Where it was also
debated ("IETF doesn't do API" :-), but the common sense prevailed.


On 11/5/09  17:31 , "Nicolas Williams" <Nicolas.Williams at sun.com> wrote:

> On Thu, Nov 05, 2009 at 04:28:57PM -0600, Marsh Ray wrote:
>> Nicolas Williams wrote:
>>> I don't think it was ever really true that "the IETF doesn't do APIs".
>> 
>> I would add here that if the IETF had compared the way TLS looks on the
>> wire with how it is presented by SSL APIs in practice, this defect could
>> not have gone unnoticed.
> 
> Indeed.  Larry Zhu described to me how the SSPI models TLS just a few
> days ago.  I should have noticed immediately the lack of binding, but
> because I wasn't also thinking of HTTPS, I didn't.
> 
> I'd go far enough to say that we must consider at least abstract APIs to
> protocols such as TLS.
> 
> Nico

-- 
Regards,
Uri         uri at ll.mit.edu
<Disclaimer>

Follow-Ups:
- Re: [TLS] TLS renegotiation issue
  - From: David Harrington

References:
- Re: [TLS] TLS renegotiation issue
  - From: Nicolas Williams

Prev by Date: Re: [TLS] TLS or HTTP issue?
Next by Date: Re: [TLS] TLS or HTTP issue?
Previous by thread: Re: [TLS] TLS renegotiation issue
Next by thread: Re: [TLS] TLS renegotiation issue
Index(es):
- Date
- Thread

Re: [TLS] TLS renegotiation issue

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.