Re: [ietf-provreg] AD Review Comments: draft-hollenbeck-rfc4934bis-00

Patrick Mevzek <provreg@contact.dotandco.com> Tue, 14 April 2009 13:25 UTC

Date: Tue, 14 Apr 2009 15:11:05 +0200
From: Patrick Mevzek <provreg@contact.dotandco.com>
To: EPP Provreg <ietf-provreg@cafax.se>
Subject: Re: [ietf-provreg] AD Review Comments: draft-hollenbeck-rfc4934bis-00
Message-ID: <20090414131105.GA6802@home.patoche.org>
References: <046F43A8D79C794FA4733814869CDF07029FD625@dul1wnexmb01.vcorp.ad.vrsn.com> <C6092A3A.31E91%jgould@verisign.com> <046F43A8D79C794FA4733814869CDF07029FD729@dul1wnexmb01.vcorp.ad.vrsn.com>
In-Reply-To: <046F43A8D79C794FA4733814869CDF07029FD729@dul1wnexmb01.vcorp.ad.vrsn.com>
Organization: Dot And Co

[about TLS & close_notify]

Hollenbeck, Scott <shollenbeck@verisign.com> 2009-04-14 14:14
> I'm reasonably certain
> that this is behavior that's typically buried in a toolkit instead of
> being implemented by an EPP developer, so perhaps that new text should
> be removed from the document.
 
I agree with you on that.

Like James, I'm using a toolkit to deal with SSL stuff (a wrapper
around openssl called IO::Socket::SSL under Perl);
I do not know if it does a TLS close_notify.
Per its documentation, it does do it properly, even warning not to do
a shutdown before a close, as it needs to send this TLS notification
on proper shutdown.

Also, most of the time, the connection is first closed by the
server, after the client <logout/> message.
A quick ssldump gives me:

1 8  0.2824 (0.0000)  S>CV3.1(992)  application_data
1 9  0.2967 (0.0142)  C>SV3.1(768)  application_data
1 10 0.3632 (0.0664)  S>CV3.1(576)  application_data
1 11 1.2652 (0.9020)  C>SV3.1(336)  application_data
1 12 1.3261 (0.0608)  S>CV3.1(368)  application_data
1 13 1.3261 (0.0000)  S>CV3.1(32)  Alert
1    1.3261 (0.0000)  S>C  TCP FIN
1 14 1.3275 (0.0013)  C>SV3.1(32)  Alert
1    1.3279 (0.0004)  C>S  TCP RST

The alerts are probably the close_notify.

-- 
Patrick Mevzek
Dot and Co <http://www.dotandco.com/> <http://www.dotandco.net/>
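As an added example (not part of Patrick's message, and not code from IO::Socket::SSL or any EPP toolkit), the script below parses ssldump summary lines of the shape shown above and reports, per connection, which side tore down the TCP connection first and whether each side sent a TLS Alert record before its own FIN or RST. That is the check a reviewer of the close_notify text would want: TLS 1.0/1.1 require close_notify before closing so that a peer can tell an orderly end from a truncated stream, and a FIN arriving with no preceding Alert from that side is the pattern to flag. The first trace is the one from the message; the second is a constructed trace in which both sides close without any alert. Caveat, as the message itself notes: without the session keys ssldump cannot decrypt the alert, so "Alert" is only consistent with close_notify, not proof of it.

```python
"""Classify TLS session teardown from ssldump summary lines.

Example code added to this archive page; it is not part of Patrick Mevzek's
message nor of IO::Socket::SSL.  Input line shapes are taken from the capture
quoted in the message.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

# ssldump prints a TLS record as
#   "<conn> <rec> <ts> (<delta>)  S>CV3.1(<len>)  <record type>"
# and a bare TCP event as
#   "<conn>      <ts> (<delta>)  S>C  TCP FIN"
RECORD_RE = re.compile(
    r"^\s*(?P<conn>\d+)\s+(?P<rec>\d+)\s+(?P<ts>[\d.]+)\s+\([\d.]+\)\s+"
    r"(?P<dir>[CS])>[CS]V(?P<ver>[\d.]+)\((?P<len>\d+)\)\s+(?P<type>\S.*?)\s*$"
)
TCP_RE = re.compile(
    r"^\s*(?P<conn>\d+)\s+(?P<ts>[\d.]+)\s+\([\d.]+\)\s+"
    r"(?P<dir>[CS])>[CS]\s+TCP\s+(?P<flag>FIN|RST)\s*$"
)


@dataclass
class Event:
    conn: int
    ts: float
    src: str      # 'C' (client) or 'S' (server), the sending side
    kind: str     # 'record' for a TLS record, 'tcp' for a TCP flag
    detail: str   # record type ("Alert", "application_data", ...) or TCP flag
    length: int = 0


def parse_ssldump(text: str) -> List[Event]:
    """Turn ssldump summary lines into Events; unrecognised lines are skipped."""
    events: List[Event] = []
    for line in text.splitlines():
        m = RECORD_RE.match(line)
        if m:
            events.append(Event(int(m["conn"]), float(m["ts"]), m["dir"],
                                "record", m["type"], int(m["len"])))
            continue
        m = TCP_RE.match(line)
        if m:
            events.append(Event(int(m["conn"]), float(m["ts"]), m["dir"],
                                "tcp", m["flag"]))
    return events


def assess_shutdown(events: List[Event]) -> Dict[int, dict]:
    """Per connection: who closed first, and which sides closed TCP without
    first sending a TLS Alert.  An encrypted Alert cannot be identified as
    close_notify without the keys, so the verdict is deliberately hedged."""
    result: Dict[int, dict] = {}
    for ev in events:
        st = result.setdefault(ev.conn, {
            "alert_sent": {"C": False, "S": False},
            "closed_by": None,
            "closed_without_alert": [],
        })
        if ev.kind == "record" and ev.detail == "Alert":
            st["alert_sent"][ev.src] = True
        elif ev.kind == "tcp":
            if st["closed_by"] is None:
                st["closed_by"] = ev.src
            if (not st["alert_sent"][ev.src]
                    and ev.src not in st["closed_without_alert"]):
                st["closed_without_alert"].append(ev.src)
    for st in result.values():
        st["verdict"] = ("consistent with close_notify"
                         if not st["closed_without_alert"]
                         else "possible truncation")
    return result


# Trace quoted in the message: server sends Alert then FIN, client Alert then RST.
CLEAN_TRACE = """\
1 8  0.2824 (0.0000)  S>CV3.1(992)  application_data
1 9  0.2967 (0.0142)  C>SV3.1(768)  application_data
1 10 0.3632 (0.0664)  S>CV3.1(576)  application_data
1 11 1.2652 (0.9020)  C>SV3.1(336)  application_data
1 12 1.3261 (0.0608)  S>CV3.1(368)  application_data
1 13 1.3261 (0.0000)  S>CV3.1(32)  Alert
1    1.3261 (0.0000)  S>C  TCP FIN
1 14 1.3275 (0.0013)  C>SV3.1(32)  Alert
1    1.3279 (0.0004)  C>S  TCP RST
"""

# Constructed trace (not from the message): both sides close with no Alert.
TRUNCATED_TRACE = """\
1 5  0.5000 (0.0000)  C>SV3.1(64)  application_data
1 6  0.5200 (0.0200)  S>CV3.1(128)  application_data
1    0.5300 (0.0100)  C>S  TCP FIN
1    0.5310 (0.0010)  S>C  TCP FIN
"""

if __name__ == "__main__":
    for name, trace in (("message trace", CLEAN_TRACE),
                        ("constructed trace", TRUNCATED_TRACE)):
        for conn, st in assess_shutdown(parse_ssldump(trace)).items():
            print(f"{name}: conn {conn} closed first by {st['closed_by']}, "
                  f"no alert from {st['closed_without_alert'] or 'nobody'}: "
                  f"{st['verdict']}")
```

Run it against `ssldump -a -A` style summary output for an EPP session; the message trace yields "closed first by S ... consistent with close_notify", which matches Patrick's reading that the two 32-byte Alert records are the close_notify exchange, while the constructed trace is flagged as a possible truncation.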