Does anyone else have any other thoughts on this? I'm not a TLS expert but similarly value the TLS Fatal Alerts over using close_notify. If we will be losing alerts then I would favor switching back to 0x00.
Jorge Vergara

-----Original Message-----
From: Alan DeKok <[email protected]>
Sent: Wednesday, September 2, 2020 10:33 AM
To: John Mattsson <[email protected]>
Cc: John Mattsson <[email protected]>; Mohit Sethi M <[email protected]>; Jorge Vergara <[email protected]>; Mohit Sethi M <[email protected]>; Benjamin Kaduk <[email protected]>; EMU WG <[email protected]>
Subject: Re: [Emu] Commitment Message handling in EAP-TLS 1.3

On Sep 1, 2020, at 10:23 AM, John Mattsson <[email protected]> wrote:
>
> If the ability to send a descriptive TLS Fatal Alert back to the peer is a
> requirement, changing to close_notify seems like a bad idea.

It's fine for EAP Success. But having two different code paths is a little surprising.

> My understanding is that it would add an extra roundtrip without any clear
> benefits compared to sending an encrypted 0x00 application data.

That's a reason to stick with sending 0x00, then.

Alan DeKok.
