Re: [TLS] Sending fatal alerts over TCP
Marsh Ray <marsh@extendedsubset.com> Tue, 20 December 2011 18:12 UTC
Return-Path: <marsh@extendedsubset.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0F7721F85EF for <tls@ietfa.amsl.com>; Tue, 20 Dec 2011 10:12:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j5hjcOgY+4zg for <tls@ietfa.amsl.com>; Tue, 20 Dec 2011 10:12:38 -0800 (PST)
Received: from mho-02-ewr.mailhop.org (mho-02-ewr.mailhop.org [204.13.248.72]) by ietfa.amsl.com (Postfix) with ESMTP id 4473A21F85A7 for <tls@ietf.org>; Tue, 20 Dec 2011 10:12:38 -0800 (PST)
Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-02-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from <marsh@extendedsubset.com>) id 1Rd4B3-000INY-Qv; Tue, 20 Dec 2011 18:12:37 +0000
Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id D4DC76067; Tue, 20 Dec 2011 18:12:35 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Originating-IP: 69.164.193.58
X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information)
X-MHO-User: U2FsdGVkX19+BhcOsy0iIAzwodCDFC3h0e53P7jF34Y=
Message-ID: <4EF0D014.1050907@extendedsubset.com>
Date: Tue, 20 Dec 2011 12:12:36 -0600
From: Marsh Ray <marsh@extendedsubset.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.23) Gecko/20110921 Thunderbird/3.1.15
MIME-Version: 1.0
To: Florian Weimer <fweimer@bfk.de>
References: <82ehvzidu4.fsf@mid.bfk.de>
In-Reply-To: <82ehvzidu4.fsf@mid.bfk.de>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: tls@ietf.org
Subject: Re: [TLS] Sending fatal alerts over TCP
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2011 18:12:38 -0000
On 12/20/2011 07:15 AM, Florian Weimer wrote: > TCP has the property that connection shutdowns can overtake application > data if connections are used in full-duplex mode. > > Here's an example: > > X sends a fatal TLS alert to Y > X shuts down the connection > Y sends data to X > X receives from Y, sends RST to signal data loss to Y This would seem to be against the spirit of http://tools.ietf.org/html/rfc793 (section 3.5. Closing a Connection) which says "Users must keep reading connections they close for sending until the TCP says no more data." > Y receives RST > > At this point, when Y tries to send further data, it will receive EPIPE > from the sockets API. When it tries to read data, it will receive > ECONNRESET. According to the socket API sepcification, there is no way > to access the initial TLS alert. My interpretation is that RSTs are generally to be avoided by properly-coded applications and a fatal TLS alert should not prevent the graceful close of the TCP socket. I have heard of client apps that crash badly upon receiving an RST. (Alternatively this could be used to argue that they should be sent much more frequently, but that's another discussion :-) - Marsh
- [TLS] Sending fatal alerts over TCP Florian Weimer
- Re: [TLS] Sending fatal alerts over TCP Marsh Ray
- Re: [TLS] Sending fatal alerts over TCP Nico Williams
- Re: [TLS] Sending fatal alerts over TCP Bodo Moeller
- Re: [TLS] Sending fatal alerts over TCP Nico Williams
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Peter Gutmann
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Bodo Moeller
- Re: [TLS] Sending fatal alerts over TCP Florian Weimer
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Marsh Ray
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Bodo Moeller
- Re: [TLS] Sending fatal alerts over TCP Marsh Ray
- Re: [TLS] Sending fatal alerts over TCP Bodo Moeller
- Re: [TLS] Sending fatal alerts over TCP Martin Rex
- Re: [TLS] Sending fatal alerts over TCP Nico Williams
- Re: [TLS] Sending fatal alerts over TCP Peter Gutmann
- Re: [TLS] Sending fatal alerts over TCP Bodo Moeller
- Re: [TLS] Sending fatal alerts over TCP Paul Hoffman
- Re: [TLS] Sending fatal alerts over TCP Florian Weimer