Hi David,

This question seems a bit out of scope for TLS, which is kind of indifferent to the transport interaction.
Perhaps it might make sense to be in UTA, though unfortunately, RFC 7525-bis is in the editor queue now...

-Ekr

On Mon, Nov 7, 2022 at 1:37 AM David Barr <david20...@gmail.com> wrote:

> How can I make suggestions for the TLS specifications? I'm having a
> problem that could be clarified by a change to the spec.
>
> This is the sentence that causes problems for me: "how to initiate TLS
> handshaking and how to interpret the authentication certificates exchanged
> are left to the judgment of the designers and implementors of protocols
> that run on top of TLS".
>
> I have two vendors that have implemented software that layers the HL7
> protocol on top of TLS. The Epic implementation does not perform a
> handshake until it has data to send. This could be hours after the TCP
> connection is established. There is no other TCP communication prior to the
> handshake (e.g. a STARTTLS command). The Infor Cloverleaf implementation
> times out waiting for a handshake, and the software becomes unresponsive
> while this is happening.
>
> It would be helpful if the TLS spec added something like this:
>
> If protocols that are layered on top of TLS use implicit encryption
> (relying on a port number rather than an explicit command that is issued
> before the handshake), then the handshake should begin immediately after
> the TCP/IP socket connection is established.
>
> I have no idea how suggestions like this make it into the spec, so if I
> need to suggest this somewhere else, please let me know.
>
> David Barr
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
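The situation described in the quoted message (an implicit-TLS peer that connects and then sends nothing before its handshake) can be handled on the listening side by giving each connection its own bounded handshake wait, so one idle peer does not stall the others. This is an added example, not code from the thread or from either vendor's product. Assumptions: the names `handshake_with_deadline` and `demo`, the hostname `peer.example`, `socket.socketpair()` standing in for TCP connections, and a server context with no certificate loaded.

```python
import socket
import ssl
import threading
import time

def handshake_with_deadline(ctx, conn, seconds):
    """Server-side handshake; returns "ok", "timeout" or "tls-error"."""
    conn.settimeout(seconds)  # bounds the wait for the peer's ClientHello
    # Wrapping does not block; do_handshake() below is the only blocking call.
    tls = ctx.wrap_socket(conn, server_side=True, do_handshake_on_connect=False)
    try:
        tls.do_handshake()
        return "ok"
    except socket.timeout:
        return "timeout"  # peer connected but sent nothing in time
    except (ssl.SSLError, OSError):
        return "tls-error"
    finally:
        tls.close()  # demo only: a real listener keeps the socket on "ok"

def demo(deadline=2.0):
    """Constructed peers: one idle after connect, one that handshakes at once."""
    # Assumption: no certificate is loaded, so the prompt peer is rejected
    # ("tls-error") rather than accepted; the point is that it is answered.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    idle_srv, idle_peer = socket.socketpair()  # idle_peer never writes
    fast_srv, fast_peer = socket.socketpair()
    fast_peer.settimeout(5)
    results = {}

    def serve(name, conn):
        start = time.monotonic()
        outcome = handshake_with_deadline(ctx, conn, deadline)
        results[name] = (outcome, time.monotonic() - start)

    def prompt_client():
        try:
            ssl.create_default_context().wrap_socket(
                fast_peer, server_hostname="peer.example").close()
        except (ssl.SSLError, OSError):
            pass  # expected: the demo server has no certificate

    jobs = [(serve, ("idle", idle_srv)), (serve, ("prompt", fast_srv)),
            (prompt_client, ())]
    threads = [threading.Thread(target=f, args=a) for f, a in jobs]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    idle_peer.close()
    return results
```

Calling `demo()` returns a dict mapping each peer name to an `(outcome, elapsed_seconds)` pair; the idle peer costs its own worker the deadline and nothing more.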