Re: [TLS] PR#625: Change alert requirements

"Salz, Rich" <rsalz@akamai.com> Wed, 07 September 2016 19:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4zRbzctsxEENkwPKkTyez3wdYYs>

I've been reading this.

I think we should get rid of the "abort" concept.  There's a clean shutdown and there's everything else, which is an abrupt or unclean closing of the connection.  The "send alert" and "close connection" concepts are separable and I think we should do that.

I think writing things this way will make it more clear.  And then we can bikeshed over which alerts are MAY MUST SHOULD, knowing all along that ECONNRESET means the other side gave up.