I think it might be a good idea to specify that the close_notify is always sent when the TLS channel is closed. I was thinking that if we really wanted a content on the EAP Response, then it be reasonable to have the client respond with a close_notify as well.
-----Original Message----- From: Alan DeKok <[email protected]> Sent: Tuesday, August 4, 2020 10:16 AM To: Jorge Vergara <[email protected]> Cc: Jim Schaad <[email protected]>; Mohit Sethi M <[email protected]>; EMU WG <[email protected]>; Benjamin Kaduk <[email protected]> Subject: Re: [Emu] Commitment Message handling in EAP-TLS 1.3 On Aug 3, 2020, at 2:23 PM, Jorge Vergara <[email protected]> wrote: > > ACK that EAP-TLS does not need to keep the connection open. I agree. I'm happy to change the implementations to send "close notify". > Question: should some consideration be given to consistency with other EAP methods that do need to keep the connection open? i.e. PEAP/EAP-TTLS/TEAP When those methods send application data, they don't need to do anything else. When those methods use fast reconnect, they don't send application data. So the other EAP methods should also send "close notify" in that case. Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
