Re: [TLS] Expanded alert codes

Peter Gutmann <> Mon, 21 May 2018 12:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C0990126E64 for <>; Mon, 21 May 2018 05:09:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bPThhLlJpE2d for <>; Mon, 21 May 2018 05:09:33 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7DBFE126E01 for <>; Mon, 21 May 2018 05:09:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=mail; t=1526904572; x=1558440572; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=sa5f5tJCFhDCC7kK529Xvucs4SGimv8Tp6j1r6TDePA=; b=1maVYZkAtyWbk7FJF1UkR/PJ9uXcPkSinVaOx/23mw3WamfXN8+OXwjh 5XCF4NxdVhHR7Y1SuAZj7ud9EdaNArOkzfGBWF5ITsSVEx9lpclj2bQYR 4NgZFo/1MVtfwXkQglTrDgPmG5q1ChY3CQRsyb0x640aTtr2CIHa8QGsZ MLoUDBlXUf6UdxYP0SC8MAhaZTCYTsDs2zDZ6hiexjCKU/P6vN4oTEt47 TNwEl4jn25Mg2St6czbQOoASSjNBiuHuDNS4Xx5FjwPA4W9kNT87UZ0+P M1Zb1tacQHiE72QG4XvQfwaT9owOJbSByOwslRt9W2+OtA+IEJ7eNVCSS w==;
X-IronPort-AV: E=Sophos;i="5.49,426,1520852400"; d="scan'208";a="12301046"
X-Ironport-Source: - Outgoing - Outgoing
Received: from (HELO ([]) by with ESMTP/TLS/AES256-SHA; 22 May 2018 00:09:29 +1200
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 22 May 2018 00:09:29 +1200
Received: from ([fe80::9f5:baf3:43e7:a6e6]) by ([fe80::9f5:baf3:43e7:a6e6%14]) with mapi id 15.00.1263.000; Tue, 22 May 2018 00:09:28 +1200
From: Peter Gutmann <>
To: Eric Rescorla <>
CC: Kathleen Moriarty <>, Bill Frantz <>, Steve Fenter <>, "Dale R. Worley" <>, "<>" <>
Thread-Topic: Expanded alert codes
Thread-Index: AQHT8PxOiBfXisHgz0GQ8m34NZHo8g==
Date: Mon, 21 May 2018 12:09:28 +0000
Message-ID: <>
References: <>, <>
In-Reply-To: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [TLS] Expanded alert codes
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 21 May 2018 12:09:35 -0000

Reviving this discussion, if I write up a draft for this what's going to
happen to it?  Will it get published, or shouted down?  The reason I'm asking
is that I've just spent the past three days debugging a TLS issue that's
pretty much a poster child for why extended alerts are needed, it was
something that would have been resolved in a single handshake exchange with
extended alerts, but took three days to sort out without them.  The sequence
was as follows:

  Client sends standard client hello.
  Server responds with handshake failed alert.

The same client has been running for years, and connects fine to any number of
servers, and openssl and some web browsers connect fine to the server.  The
only message exchanged was the hello, so there's zero security issues in
providing extended alerts.

Since some people have argued that extended alerts aren't necessary or useful,
I'll wait awhile for them to diagnose what was wrong using the information
above, which was all that was available.