Hi,

Could people please confirm a detail of TLS 1.3 session close behaviour? Specifically, are half-closes supported in similar fashion to TCP half-closes - in that it is legitimate for one end to issue a Close Notify alert and for the other end to receive that alert but continue to transmit data after such reception and before sending its own Close Notify?

Further, is it reasonable for the above first end to expect the above second end to continue processing and sending data that would have been sent in the absence of such a first Close Alert?

I ask because of the observed actions of Google MTA servers. When using a TLS1.3 connection, after STARTTLS on an ESMTP connection with PIPELINING and CHUNKING - if the SMTP client pipelines a full set of MAIL, RCPT, BDAT nnnn LAST, QUIT *and* follows those with a TLS Close Notify then the Google server issues an immediate TCP FIN. It does this without sending any SMTP responses (even for the MAIL command) and it does not send a TLS Alert of any kind.

If the full ESMTP sequence given is sent without the TLS Close Notify, then SMTP responses are transmitted by the SMTP server as expected.

--
Cheers,
  Jeremy

PS: I am aware that TLS1.2 does not support half-closes.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls