Re: [TLS] PR#625: Change alert requirements

"Salz, Rich" <rsalz@akamai.com> Thu, 08 September 2016 16:13 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Sean Turner <sean@sn3rd.com>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] PR#625: Change alert requirements
Thread-Index: AQHSB5/+4lqLjzwSKk2rlZHun7arB6BtQHqAgAKEdvA=
Date: Thu, 8 Sep 2016 16:11:10 +0000
Message-ID: <2e8ff668f6a44f97bcb3a263a0cabc78@usma1ex-dag1mb1.msg.corp.akamai.com>
References: <CABcZeBMeLgqjvr2cjWL=AHTQJbS9siNBB6U2=0654yigbBGkYA@mail.gmail.com> <6EA2A272-FB9F-4E0A-A35E-680E531DD757@sn3rd.com>
In-Reply-To: <6EA2A272-FB9F-4E0A-A35E-680E531DD757@sn3rd.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/luaxtMSboPx0UYcTxbDUfw-hwHA>
Subject: Re: [TLS] PR#625: Change alert requirements

I think an introductory section on "normal and exceptional flow of control" or such would help.  It could also define consistent terminology to be used in the rest of the document.  To take a stab at it:
	Close -- means cleanly close the connection at some point after the necessary alerts have been sent, etc.
	Terminate -- to close the connection unexpectedly, such as when one side detects an error.  In these cases, an alert SHOULD be sent before the TCP connection is closed.  (Do we bind/imply TCP?)  I would use this instead of the term abort.

Yes, most of that text is in lines 3422ff.  Put them up earlier.

Then, throughout the rest of the doc, we use things like "if not consistent, terminate the handshake with illegal_parameter"

I can live with the current PR tho.
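An added illustration of the close/terminate distinction proposed above, written for this page and not taken from the post or from the TLS draft. The alert record layout and the close_notify (0) and illegal_parameter (47) code points are from the TLS alert registry; the Transport class is a constructed stand-in for a TCP socket, and the receiver classifies by description rather than level, as TLS 1.3 receivers do.

```python
import struct

ALERT_CONTENT_TYPE = 21          # TLS record ContentType for alerts
LEGACY_RECORD_VERSION = 0x0303   # legacy_record_version carried on the wire
CLOSE_NOTIFY = 0                 # alert description: orderly close
ILLEGAL_PARAMETER = 47           # alert description named in the post
LEVEL_WARNING, LEVEL_FATAL = 1, 2


class Transport:
    """Constructed stand-in for a TCP socket: records writes and close state."""
    def __init__(self):
        self.sent = []
        self.closed = False

    def send(self, data: bytes):
        if self.closed:
            raise RuntimeError("write after close")
        self.sent.append(data)

    def close(self):
        self.closed = True


def alert_record(level: int, description: int) -> bytes:
    """Encode one alert as a TLS record: type, version, length, then the 2-byte alert body."""
    body = bytes([level, description])
    return struct.pack("!BHH", ALERT_CONTENT_TYPE, LEGACY_RECORD_VERSION, len(body)) + body


def close_connection(transport: Transport) -> None:
    """'Close' in the post's sense: send close_notify, then close the transport."""
    transport.send(alert_record(LEVEL_WARNING, CLOSE_NOTIFY))
    transport.close()


def terminate_connection(transport: Transport, description: int) -> None:
    """'Terminate' in the post's sense: a fatal alert naming the error precedes the TCP close."""
    transport.send(alert_record(LEVEL_FATAL, description))
    transport.close()


def classify_alert(record: bytes) -> str:
    """Parse a raw alert record and report whether the peer closed or terminated."""
    if len(record) < 7:
        raise ValueError("truncated record")
    ctype, _version, length = struct.unpack("!BHH", record[:5])
    if ctype != ALERT_CONTENT_TYPE or length != 2 or len(record) != 5 + length:
        raise ValueError("not a well-formed alert record")
    description = record[6]   # level byte at record[5] is ignored, as in TLS 1.3
    return "close" if description == CLOSE_NOTIFY else "terminate"
```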