On Wed, Sep 16, 2015 at 12:02:57PM +0200, Florian Weimer wrote:
> On 09/15/2015 06:29 PM, Nico Williams wrote:
> > But if you have a fatal error you'll be closing immediately anyways.
>
> I'm trying to explain that any requirement to send fatal alerts will be
> difficult to implement. With the BSD sockets API, the only way to do
> that reliably is *not* to close the socket immediately, which is
> apparently not what you (or existing APIs) expect, and which is where
> the difficulty lies.

*Sending* the fatal alert is not hard at all. Giving the peer a fair chance
to get it is the difficult thing. Strictly speaking then, requiring that
fatal alerts be sent is not difficult to implement. :^)

Tongue-in-cheek aside, I think it's fair to say that fatal alerts SHOULD be
sent rather than MUST be sent. And it's a good idea to explain that sending
a fatal alert, by itself, does not really mean that the peer is even more
likely than not to see it, that more effort is required by the sender to
give the peer a fair chance of seeing it.

Fatal alerts are useful for diagnostic purposes at least, but there's no
real need to tell a peer why you're slamming the door on them, is there.

Nico

-- 
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
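Added example, not part of the thread: the "don't close the socket immediately" handling Florian describes, written in C against plain BSD sockets. The helper name send_fatal_alert_and_close() and the return codes are assumptions of this example; the record is a constructed plaintext TLS 1.2 alert and the socketpair self-check is constructed input, neither taken from any TLS library.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>
enum { ALERT_SEND_FAILED = -1, ALERT_TIMED_OUT = 0, ALERT_PEER_CLOSED = 1 };
static long now_ms(void) {
    struct timespec t; clock_gettime(CLOCK_MONOTONIC, &t);
    return t.tv_sec * 1000L + t.tv_nsec / 1000000;
}
/* Send the alert, FIN via shutdown() instead of close(), drain what the peer sends until
 * its FIN or timeout_ms, then close(). A bare close() with unread peer data makes the kernel
 * RST and drop the queued alert. The record is a plaintext TLS 1.2 alert (type 21, v3.3,
 * len 2, level 2 = fatal, desc); a real stack encrypts it, the socket mechanics matter here. */
int send_fatal_alert_and_close(int fd, unsigned char desc, int timeout_ms) {
    unsigned char rec[7] = {0x15, 0x03, 0x03, 0x00, 0x02, 0x02, desc}, buf[256];
    int rc = ALERT_TIMED_OUT, off = 0;
    long deadline = now_ms() + timeout_ms, left;
    while (off < 7) { /* a server ignores SIGPIPE, so a dead peer surfaces as EPIPE here */
        ssize_t n = send(fd, rec + off, 7 - off, 0);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) { close(fd); return ALERT_SEND_FAILED; }
        off += (int)n;
    }
    if (shutdown(fd, SHUT_WR) < 0) { close(fd); return ALERT_SEND_FAILED; }
    for (;;) {
        struct pollfd p = {.fd = fd, .events = POLLIN};
        if ((left = deadline - now_ms()) < 0 || poll(&p, 1, (int)left) <= 0) break;
        ssize_t n = recv(fd, buf, sizeof buf, 0);
        if (n == 0) { rc = ALERT_PEER_CLOSED; break; } /* peer's FIN: it read past our alert */
        if (n < 0 && errno != EINTR) break;
    }
    close(fd);
    return rc;
}
/* Self-check on a socketpair (stands in for TCP, though AF_UNIX never RSTs): the peer has
 * already sent its FIN, so the drain sees EOF at once and the alert still arrives intact. */
int demo_half_closed_peer(void) {
    int sv[2], rc;
    unsigned char got[7];
    const unsigned char want[7] = {0x15, 0x03, 0x03, 0x00, 0x02, 0x02, 40}; /* handshake_failure */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || shutdown(sv[1], SHUT_WR) < 0) return -10;
    rc = send_fatal_alert_and_close(sv[0], 40, 200);
    if (recv(sv[1], got, 7, MSG_WAITALL) != 7 || memcmp(got, want, 7) != 0) return -11;
    if (recv(sv[1], got, 7, 0) != 0) return -12; /* EOF: our FIN reached the peer */
    close(sv[1]);
    return rc; /* ALERT_PEER_CLOSED */
}
```

With a peer that never answers, the same call returns ALERT_TIMED_OUT after timeout_ms, which is the bounded cost of giving the peer its fair chance.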