Hi,

There were several recent comments on close_notify and the ability to send alert messages. My understanding is that the message flow in -14 allows the important alert messages to be sent. The server can always send an alert explaining why client authentication failed. This should be a hard requirement. The only alert that cannot be sent in the -14 message flows is an alert from the client describing that the NewSessionTicket is wrong. That requires splitting NewSessionTicket and close_notify into different EAP requests, something that -14 does not forbid but does not describe either.

My understanding is that TLS 1.3 MUST ignore all data after close_notify is sent. But this section in RFC8446 is contradicting itself and will be fixed in RFC8446bis. The cost for allowing alert messages with close_notify might be an extra round-trip. It seems unclear how many implementations allow/will allow application data to be sent directly after the server's first flight.

My earlier comments on the list that close_notify did not work with alerts concerned the message flows that had been added to the GitHub version of the draft, which I think did not work. At that point there was also no stated motivation for the change except "EKR said close_notify could be used...."

John

_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu