On Feb 14, 2021, at 9:46 PM, Benjamin Kaduk wrote:
> On first look it seems like all of those will be able to achieve the
> required properties. In some sense it is "probably" going to be "easier"
> for an application using TLS to use TLS application data (as opposed to
> alerts) to affect its be
On Sun, Feb 14, 2021 at 6:47 PM Benjamin Kaduk wrote:
> On Wed, Feb 10, 2021 at 10:48:10AM +, John Mattsson wrote:
> > With Alan's comments, I think we are down to 3 alternatives:
> >
> > (1a). Use close_notify alert as protected success.
> > Use error alerts as protected failure.
> >
>
On Wed, Feb 10, 2021 at 10:48:10AM +, John Mattsson wrote:
> With Alan's comments, I think we are down to 3 alternatives:
>
> (1a). Use close_notify alert as protected success.
> Use error alerts as protected failure.
>
> - Forbid close_notify except as success indication
> -
With Alan's comments, I think we are down to 3 alternatives:
(1a). Use close_notify alert as protected success.
Use error alerts as protected failure.
- Forbid close_notify except as success indication
- Mandate Error alert before EAP-Failure
- Forbid all use of user_cancelle
