subject:"Handling TCP connection shutdown without TLS close

Re: Handling TCP connection shutdown without TLS close_notify

2021-03-13 Thread Daniel Stenberg via curl-library

On Sat, 13 Mar 2021, Ray Satiro via curl-library wrote: I would make it an error. If it's really a problem we can address it later in an option, but I would not spend any time on that now. I concur. Being strict about it is better than the opposite. -- / daniel.haxx.se | Commercial curl

Re: Handling TCP connection shutdown without TLS close_notify

2021-03-12 Thread Ray Satiro via curl-library

On 3/12/2021 11:27 PM, Jacob Hoffman-Andrews via curl-library wrote: In https://github.com/curl/curl/issues/4624 there is some discussion about what to do when a TCP connection is closed without the TLS peer sending a close_notify alert first.

Handling TCP connection shutdown without TLS close_notify

2021-03-12 Thread Jacob Hoffman-Andrews via curl-library

In https://github.com/curl/curl/issues/4624 there is some discussion about what to do when a TCP connection is closed without the TLS peer sending a close_notify alert first. Close_notify is meant to protect against truncation attacks (https://tools.ietf.org/html/rfc8446#section-6.1), and as of

Re: Handling TCP connection shutdown without TLS close_notify

Re: Handling TCP connection shutdown without TLS close_notify

Handling TCP connection shutdown without TLS close_notify

3 matches

Site Navigation

Mail list logo

Footer information