[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS graceful closure

To: ietf-ldapext@netscape.com
Subject: TLS graceful closure
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 20 Mar 2000 17:13:30 -0800
Resent-date: Mon, 20 Mar 2000 17:14:08 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <xu0ExD.A.IZ.Czs14@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

> Either the client or server MAY terminate the TLS connection on an LDAP
> association by sending a TLS closure alert. This will leave the LDAP
> association intact.

>Before closing a TLS connection, the client MUST either wait for any
>outstanding LDAP operations to complete, or explicitly abandon them
>[LDAPv3].

Does the server have any requirements before it can initiate such
a closure?

>After the initiator of a close has sent a closure alert, it MUST discard
>any TLS messages until it has received an alert from the other party.
>It will cease to send TLS Record Protocol PDUs, and following the
>reciept of the alert, MAY send and receive LDAP PDUs.

Including all client requests (such as unbind) and server
notice of disconnect?

>The other party, if it receives a closure alert, MUST immediately
>transmit a TLS closure alert.  It will subequently cease to send TLS
>Record Protocol PDUs, and MAY send and receive LDAP PDUs.      

Any server requirements upon receipt of a closure altert?
Such as abandoning all outstanding requests?

Prev by Date: re:draft-ietf-ldapext-acl-model-05
Next by Date: ldapACI permissions
Index(es):
- Chronological
- Thread