[TLS] Comment on Section 6.1 Closure Alerts in draft-ietf-tls-rfc8446bis-00

John Mattsson <john.mattsson@ericsson.com> Fri, 29 January 2021 14:29 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: "TLS@ietf.org" <TLS@ietf.org>
Date: Fri, 29 Jan 2021 14:28:59 +0000
Message-ID: <13B716A0-A79E-4293-9C77-C98CB8988C16@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/a3PklPNPdjmIsbbQ-qhxzrSQryc>
Subject: [TLS] Comment on Section 6.1 Closure Alerts in draft-ietf-tls-rfc8446bis-00
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Hi,

I think Section 6.1 Closure Alerts is a bit unclear:

First it is stated that user_canceled SHOULD be followed by close_notify

   "This alert SHOULD be followed by a "close_notify"." 

Then it is stated that it MUST be followed by close_notify

   "Each party MUST send a "close_notify" alert before closing its write side of the connection,
   unless it has already sent some error alert."

And in the same section it is stated that any data following user_canceled MUST be ignored.

   "Any data received after a closure alert has been received MUST be ignored."

This seems quite contradicting to me. I don't know what the correct behavior would be,
but unless I misunderstood something, it looks like it should be addressed in rfc8446bis.

Cheers,
John
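
The receive-side consequence of the three quoted sentences, as an added example that is not part of the original message and not code from the draft or any TLS library. It replays one constructed record sequence under two readings of "closure alert"; the function and set names are hypothetical, and the alert code points are those of RFC 8446.

```python
from enum import IntEnum

class Alert(IntEnum):
    CLOSE_NOTIFY = 0     # AlertDescription code points from RFC 8446
    USER_CANCELED = 90

# Section 6.1 "Closure Alerts" describes both alerts. The two sets below are
# the two readings of which alerts trigger the "MUST be ignored" rule.
CLOSURE_ALERTS_BROAD = {Alert.CLOSE_NOTIFY, Alert.USER_CANCELED}
CLOSURE_ALERTS_NARROW = {Alert.CLOSE_NOTIFY}

def receive(events, closure_alerts):
    """Replay decrypted records in order under one reading of Section 6.1.

    events: list of ("alert", Alert) or ("data", bytes) tuples.
    closure_alerts: alerts after which everything received is ignored.
    Returns delivered data, alerts acted on, and records ignored.
    """
    delivered, acted_on, ignored = [], [], []
    read_closed = False
    for kind, value in events:
        if read_closed:
            ignored.append((kind, value))   # received after a closure alert
            continue
        if kind == "data":
            delivered.append(value)
        else:
            acted_on.append(value)
            if value in closure_alerts:
                read_closed = True
    return {"delivered": delivered, "acted_on": acted_on, "ignored": ignored,
            "saw_close_notify": Alert.CLOSE_NOTIFY in acted_on}

# Constructed peer behaviour: user_canceled, then the close_notify that
# SHOULD follow it, with one application record in between.
SAMPLE = [
    ("data", b"partial response"),
    ("alert", Alert.USER_CANCELED),
    ("data", b"late record"),
    ("alert", Alert.CLOSE_NOTIFY),
]

def compare():
    return {"broad": receive(SAMPLE, CLOSURE_ALERTS_BROAD),
            "narrow": receive(SAMPLE, CLOSURE_ALERTS_NARROW)}

if __name__ == "__main__":
    for name, result in compare().items():
        print(name, result)
```

Under the broad reading the receiver never acts on the close_notify that the sender is required to send; under the narrow reading it does, and also delivers the record that arrived after user_canceled.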