On 04/25/2017 10:01 PM, Roelof Du Toit wrote:
>
> During interop testing with an open-source stack I ran into the following:
>
> CH ---->
>
> <---- SH,{EE,Cert,CV,Fin}
>
> alert ---->
>
>
>
> The alert was due to a decode error on *CV*, and the stack in question
> sent the alert in a *plaintext* record.
>
>
>
You could say which open-source stack you were using.
I know that OpenSSL, at least, still has:
/*
* TODO(TLS1.3): This actually causes a problem. We don't yet know
* whether the next record we are going to receive is an unencrypted
* alert, or an encrypted handshake message. We're going to need
* something clever in the record layer for this.
*/
but I don't think I looked at what the sending side does, yet.
-Ben
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
