On Monday, 17 October 2016 21:10:30 CEST Ilari Liusvaara wrote:
> > ## Decoding Errors
> >
> > TLS defines two generic alerts (see {{alert-protocol}}) to use upon
> > failure to parse a message. Peers which receive a message which cannot be
> > parsed according to the syntax (e.g., have a length extending beyond the
> > message boundary or contain an out-of-range length) MUST terminate the
> > connection with a "decoding_error" alert. Peers which receive a message
> > which is syntactically correct but semantically invalid (e.g., a DHE
> > share of p - 1) MUST terminate the connection with an "illegal_parameter"
> > alert.
>
> What alert is used if some field is a non-extensible enumeration and
> the value transmitted is outside the legal values?
>
> E.g. An unknown max_fragment_length value.
>
> I have used illegal_parameter for errors like this.

That would be my reading of the text too. Anything that can be parsed given the requirements on structs should not generate decode_error; if it needs to be rejected because of other limitations, it should result in an illegal_parameter.

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
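An added illustration of the rule discussed in this thread (not code from the draft or from either poster): a minimal parser for a TLS extensions block that raises decode_error for length and syntax failures and illegal_parameter for a max_fragment_length value outside the RFC 6066 enum. The helper names and sample byte strings are constructed for this example, and treating a max_fragment_length body that is not exactly one byte as a syntax failure is this example's reading of the rule.

```python
DECODE_ERROR, ILLEGAL_PARAMETER = 50, 47   # TLS AlertDescription codes
EXT_MAX_FRAGMENT_LENGTH = 1                # RFC 6066 extension type
MFL_LEGAL = {1: 512, 2: 1024, 3: 2048, 4: 4096}  # the closed RFC 6066 enum

# Constructed sample inputs (extensions block only, not captured traffic).
GOOD = bytes.fromhex("0005" "0001" "0001" "02")      # value 2 -> 2^10
BAD_ENUM = bytes.fromhex("0005" "0001" "0001" "05")  # well-formed, value 5
BAD_LEN = bytes.fromhex("0005" "0001" "0004" "02")   # inner length overruns

class TLSAlert(Exception):
    def __init__(self, code, why):
        super().__init__(why)
        self.code = code

def take(buf, pos, n):
    # A read past the boundary is a syntax failure: decode_error.
    if pos + n > len(buf):
        raise TLSAlert(DECODE_ERROR, "length extends beyond message boundary")
    return buf[pos:pos + n], pos + n

def parse_extensions(buf):
    """Parse an `extensions<0..2^16-1>` vector into {type: value}."""
    raw, pos = take(buf, 0, 2)
    body, pos = take(buf, pos, int.from_bytes(raw, "big"))
    if pos != len(buf):
        raise TLSAlert(DECODE_ERROR, "trailing bytes after extensions")
    out, pos = {}, 0
    while pos < len(body):
        raw, pos = take(body, pos, 4)
        ext_type, ext_len = int.from_bytes(raw[:2], "big"), int.from_bytes(raw[2:], "big")
        data, pos = take(body, pos, ext_len)
        if ext_type != EXT_MAX_FRAGMENT_LENGTH:
            out[ext_type] = data          # other extensions carried opaquely
            continue
        if len(data) != 1:                # struct is exactly one byte: syntax
            raise TLSAlert(DECODE_ERROR, "max_fragment_length is not 1 byte")
        if data[0] not in MFL_LEGAL:      # parsed fine, value not in the enum
            raise TLSAlert(ILLEGAL_PARAMETER, "unknown max_fragment_length")
        out[ext_type] = MFL_LEGAL[data[0]]
    return out

def alert_for(buf):
    """Return the alert code raised for buf, or None if it is accepted."""
    try:
        parse_extensions(buf)
    except TLSAlert as alert:
        return alert.code
    return None
```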
