The TLS WG has not addressed long-lived connections. Probably because most of the people who developed the spec are in the Web space. That's not intended as a criticism, just pointing out where there seems to be this blind spot.
AFAIK, nothing stops either side from periodically going off on its own to verify the peer identity and then sending an alert to shut things down. That might not scale well, and some kind of extension that allows both sides to send updated status information might be useful and I would support that. (Peter Gutmann, you still around? :)
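The periodic check described in the message above, sketched as an added example (not part of the original post and not from any TLS specification): each side keeps the certificate details it saw at the handshake, re-evaluates them on its own schedule, and closes the session when the peer no longer passes. The `is_revoked` callback, the `FakeConn` stand-in and the sample certificate values are assumptions constructed for illustration; the polling interval is left to the caller.

```python
import ssl
import time

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {"notAfter": "Jan  1 00:00:00 2030 GMT", "serialNumber": "0A1B2C"}


def peer_status(cert, is_revoked, now=None):
    """Return None while the peer certificate is acceptable, else a reason.

    is_revoked is a hypothetical callable(serial_hex) -> bool that the
    application backs with whatever CRL or OCSP lookup it performs itself.
    """
    now = time.time() if now is None else now
    if now >= ssl.cert_time_to_seconds(cert["notAfter"]):
        return "certificate expired"
    if is_revoked(cert["serialNumber"]):
        return "certificate revoked"
    return None


def revalidate(conn, cert, is_revoked, now=None):
    """One periodic check; tear the connection down if the peer fails it."""
    reason = peer_status(cert, is_revoked, now)
    if reason is not None:
        try:
            conn.unwrap()  # on ssl.SSLSocket this sends the close_notify alert
        except (OSError, ValueError):
            pass  # peer already gone or TLS layer already removed
        conn.close()
    return reason


class FakeConn:
    """Stand-in for an ssl.SSLSocket so the example runs offline."""
    def __init__(self):
        self.calls = []
    def unwrap(self):
        self.calls.append("unwrap")
    def close(self):
        self.calls.append("close")


if __name__ == "__main__":
    revoked = {"0A1B2C"}  # constructed revocation list
    conn = FakeConn()
    print(revalidate(conn, SAMPLE_CERT, lambda s: s in revoked, now=0), conn.calls)
```

Every long-lived connection runs its own lookup on every interval, which is the scaling cost the message points to.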
