On Sunday 06 December 2015 02:48:33 Peter Gutmann wrote:
> Watson Ladd <[email protected]> writes:
> >please cite the sentence of the TLS RFC which prohibits accepting
> >application data records during the handshake.
>
> Please cite the sentence of the TLS RFC which prohibits accepting SSH
> messages during the handshake.
>
> Please cite the sentence of the TLS RFC which prohibits executing
> /usr/games/hack during the handshake.
>
> Please cite the sentence of the TLS RFC which prohibits reformatting
> the user's hard drive during the handshake.
>
> (This debate is pointless and probably annoying everyone else, so I'll
> bow out now).

Peter, I think you should go back to the beginning of the thread.

(I'm sorry for the necromancy making it a bit hard, but there was a
direct question aimed at me that I didn't have time to answer earlier
and I don't think we arrived at a conclusion before)

To summarise:

RFC 5246 Section 6.2.1 states:

   Recipients MUST receive and process interleaved
   application layer traffic during handshakes subsequent to the first
   one on a connection.

At the same time, sections like 7.4.7 state:

   It [Client Key Exchange message] MUST immediately
   follow the client certificate message, if it is sent.

or, at section 7.4.9:

   A Finished message is always sent immediately after a change
   cipher spec message

The question is, which one takes precedence?

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
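
The two readings in the question above, as an added example that is not part of the original message or of any TLS implementation: it checks one client's record sequence during a renegotiation against the "immediately" sentences of 7.4.7 and 7.4.9, once with application data counted as an interruption and once with the interleaving of 6.2.1 allowed. The record model, the function name and the sample sequence are assumptions made for illustration.

```python
# Added illustration; the record model and all names here are assumptions.
# A record is (content_type, handshake_type_or_None), as seen by the
# receiving endpoint after record decryption.
CCS, ALERT, HANDSHAKE, APPDATA = 20, 21, 22, 23                # ContentType
CLIENT_HELLO, CERTIFICATE, CLIENT_KEY_EXCHANGE, FINISHED = 1, 11, 16, 20

# (predecessor, required successor, RFC 5246 section quoted in the message)
ADJACENCY = [
    ((HANDSHAKE, CERTIFICATE), (HANDSHAKE, CLIENT_KEY_EXCHANGE), "7.4.7"),
    ((CCS, None), (HANDSHAKE, FINISHED), "7.4.9"),
]

def check_renegotiation(records, strict):
    """Check client-sent records of a handshake after the first one.

    strict=True  reads "immediately" at the record layer: any record
                 between the pair, application data included, is a finding.
    strict=False reads it within the handshake stream: interleaved
                 application data (6.2.1) is skipped before comparing.
    Returns [(index_of_offending_record, section), ...]; a sequence that
    ends right after a predecessor is reported at index len(records).
    """
    findings = []
    for pred, succ, section in ADJACENCY:
        for i, rec in enumerate(records):
            if rec != pred:
                continue
            j = i + 1
            while not strict and j < len(records) and records[j][0] == APPDATA:
                j += 1          # tolerate interleaved application data
            if j >= len(records) or records[j] != succ:
                findings.append((j, section))
    return findings

# Constructed sample: renegotiation with application data interleaved.
SAMPLE = [
    (HANDSHAKE, CLIENT_HELLO), (APPDATA, None),
    (HANDSHAKE, CERTIFICATE), (APPDATA, None),
    (HANDSHAKE, CLIENT_KEY_EXCHANGE),
    (CCS, None), (APPDATA, None), (HANDSHAKE, FINISHED),
]

if __name__ == "__main__":
    print("strict :", check_renegotiation(SAMPLE, strict=True))
    print("lenient:", check_renegotiation(SAMPLE, strict=False))
```

The same sequence yields two findings under the strict reading and none under the lenient one, which is the disagreement the message asks the list to resolve.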
