Andreas Walz <andreas.w...@hs-offenburg.de> writes:

>>>> Peter Gutmann <pgut...@cs.auckland.ac.nz> 21.09.16 17.54 Uhr >>>
>> If you're writing a strict validating protocol parser then disconnecting in
>> this case is a valid response, but if it's software that will be used by
>> actual humans then failing a connect based on something like this makes no
>> sense.
>
>Wouldn't this argument apply to any "decode_error"?

Nope. There's a big difference between "I can't continue" and "I can continue without any problems but don't want to". The example I gave of "Couldn't connect to Amazon because no suitable encryption was available" would be the error message to display in the case of a decode error that garbled the cipher suites, an "I can't continue" condition. The current thread starter was a case of "I can continue without any problems but don't want to", which pretty much any user of the product will perceive as a buggy product, meaning they'll drop it and switch to something that works.

Peter.