On Wed, Sep 7, 2016 at 10:05 AM, Hubert Kario <hka...@redhat.com> wrote:
> On Monday, 5 September 2016 11:02:57 CEST Eric Rescorla wrote: > > PR: https://github.com/tlswg/tls13-spec/pull/625 > > > > Currently the TLS spec requires implementations to send alerts under > various > > fatal conditions. However, many stacks actually don't send alerts > > the only popular stack I found that does not seem to send alerts is the > schannel from Microsoft > Well, that's a fairly popular stack. > F5, FortiOS, OpenSSL, NSS, GnuTLS, Java, mbedTLS, botan, axtls, Go > implementation of TLS, all send alert messages > My understanding is that this is situation-dependent and that some systems do not send alerts all the time. > Note that these are to some extent orthogonal changes; even if we decide > to > > continue mandating sending alerts, that should be listed in one location > not > > scattered around the spec. > > In my opinion, putting the information how to handle errors in processing > given message near the definition of a message makes it easier for > implementers to implement and makes it less likely that they'll miss error > handling. > Fair enough. I think this is a question of editor discretion. -Ekr > -- > Regards, > Hubert Kario > Senior Quality Engineer, QE BaseOS Security team > Web: www.cz.redhat.com > Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
