Rainer Gerhards schrieb: > My first question is on section 4.2. It does not tell what to do if the > TLS handshake fails. One can argue that the second sentence implies that > the connection should be dropped on handshake failure. However, this is > not explicitly stated. It may be desirable to continue without TLS in > that case.
IMHO the only important point is that a client explicitly configured to use TLS will only send data to an authenticated server, thus it has to abort if the handshake fails. One cannot specify much more, because there are too many possible policies a sysadmin might want to configure; ranging from TLS without client/server-certificates up to his own CA or a predefined list of valid client/server certificates. So it should be left to the implementation to offer different operation modes, for example 'UDP', 'TLS if available', and 'TLS'. Then as a user I might expect a mode 'TLS if available' to continue in TCP or UDP after a failed handshake, while with 'TLS' I have to rely on an abort. -- Martin _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
