
Outstanding operations after TLS closure/renegotiation



Protocol-30 4.14.3 (Removal of the TLS Layer) says:

>   After the TLS layer has been removed, the server MUST NOT send
>   responses to any request message received before the TLS closure
>   alert. Thus, clients wishing to receive responses to messages sent
>   while the TLS layer is intact MUST wait for those message responses
>   before sending the TLS closure alert.

Didn't we have some text clarifying that the server can either complete
such operations without sending a response, or abandon them?  I don't
see that here.

How about outstanding operations after TLS ciphersuite renegotiation?
I would think they have the same problem as we'd have with sending
responses after closure.  At least if a poorer cipher is negotiated,
but it would be messy to try to maintain some ranking of which
renegotiations should drop responses and which ones should not.

-- 
Hallvard
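
An added sketch, not part of the original message or of any server's code: one way to enforce the quoted rule is to tag each request with a security-layer epoch and suppress any response whose epoch no longer matches. The class, its method names and the drop_on_renegotiation switch (which models the renegotiation question raised above without settling it) are assumptions for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Connection:
    """Toy model of response gating on one connection (hypothetical names)."""
    drop_on_renegotiation: bool = False  # policy switch: the open question above
    epoch: int = 0                       # bumped when the security layer changes
    pending: dict = field(default_factory=dict)  # message ID -> epoch at receipt
    sent: list = field(default_factory=list)     # message IDs that got a response

    def receive_request(self, msg_id):
        self.pending[msg_id] = self.epoch

    def tls_closure_alert(self):
        # TLS layer removed: requests received before this point are stale.
        self.epoch += 1

    def tls_renegotiated(self):
        # Only treated as a boundary if the policy says so.
        if self.drop_on_renegotiation:
            self.epoch += 1

    def operation_finished(self, msg_id):
        """Backend completed or abandoned the operation.
        Returns True if a response was sent, False if it was suppressed."""
        if self.pending.pop(msg_id) != self.epoch:
            return False  # finish silently: no response crosses the boundary
        self.sent.append(msg_id)
        return True


def demo(drop_on_renegotiation):
    """Constructed sequence: one request per situation discussed above."""
    conn = Connection(drop_on_renegotiation=drop_on_renegotiation)
    conn.receive_request(1)
    conn.operation_finished(1)   # answered while the TLS layer is intact
    conn.receive_request(2)
    conn.tls_renegotiated()
    conn.operation_finished(2)   # outstanding across a renegotiation
    conn.receive_request(3)
    conn.tls_closure_alert()
    conn.operation_finished(3)   # outstanding across the closure alert
    conn.receive_request(4)
    conn.operation_finished(4)   # received after the TLS layer was removed
    return conn.sent


if __name__ == "__main__":
    print(demo(False), demo(True))
```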