[Date Prev][Date Next] [Chronological] [Thread] [Top]

Protocol: Graceful TLS Closure and outstanding operations

To: ietf-ldapbis@OpenLDAP.org
Subject: Protocol: Graceful TLS Closure and outstanding operations
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Tue, 28 Jan 2003 19:11:24 +0100

[Protocol] 4.13.3.1 says that the server may initiate graceful TLS
closure, which leaves the LDAP session intact.  I think outstanding
operations MUST then be abandoned, and responses to operations that
could not be abandoned MUST NOT be sent after the TLS closure.  The
responses might contain sensitive information.

Which is another reason why client-initiated TLS closure should do the
same, for symmetry:-)  BTW, the previous discussion about TLS
closure stopped without resolution, see
   http://www.openldap.org/lists/ietf-ldapbis/200212/msg00007.html

-- 
Hallvard

Prev by Date: Re: Models: Structural Object Class
Next by Date: RE: Models: Naming Contexts
Index(es):
- Chronological
- Thread