On Wednesday, 7 September 2016 10:19:02 CEST Eric Rescorla wrote:
> On Wed, Sep 7, 2016 at 10:05 AM, Hubert Kario <hka...@redhat.com> wrote:
> > On Monday, 5 September 2016 11:02:57 CEST Eric Rescorla wrote:
> > > PR: https://github.com/tlswg/tls13-spec/pull/625
> > >
> > > Currently the TLS spec requires implementations to send alerts under various
> > > fatal conditions. However, many stacks actually don't send alerts
> >
> > the only popular stack I found that does not seem to send alerts is the
> > schannel from Microsoft
>
> Well, that's a fairly popular stack.

just pointing out that "one does not many make" :)

> > F5, FortiOS, OpenSSL, NSS, GnuTLS, Java, mbedTLS, botan, axtls, Go
> > implementation of TLS, all send alert messages
>
> My understanding is that this is situation-dependent and that some systems
> do not send alerts all the time.

which points out that some messages (both valid and invalid) may not be
handled as well as they should

while making a protocol definition that is precise and allows for
interoperability is the primary objective of this work group, I think we can
all agree that helping developers actually implement it correctly and with no
bugs (a la heartbleed) is not something we should completely ignore

In my opinion, precise definition of error handling does that (even if
implementation decides not to send alerts at all).

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls