Andreas Walz <andreas.w...@hs-offenburg.de> writes:
>>>> Peter Gutmann <pgut...@cs.auckland.ac.nz> 21.09.16 17.54 Uhr >>>
>> If you're writing a strict validating protocol parser then disconnecting in
>> this case is a valid response, but if it's software that will be used by
>> actual humans then failing a connect based on something like this makes no

>Wouldn't this argument apply to any "decode_error"?

Nope. There's a big difference between "I can't continue" and "I can
continue without any problems but don't want to". The example I gave of
"Couldn't connect to Amazon because no suitable encryption was available"
would be the error message to display in the case of a decode error that
garbled the cipher suites, an "I can't continue" condition. The current
thread starter was a case of "I can continue without any problems but don't
want to", which pretty much any user of the product will perceive as a buggy
product, meaning they'll drop it and switch to something that works.
TLS mailing list