[jdev] TLS failure fallback considerations
Dave Cridland
dave at cridland.net
Tue Oct 14 06:40:11 CDT 2008
On Tue Oct 14 12:23:29 2008, Norman Rasmussen wrote:
> I'd like to know what the 'expected'/'best' mechanism in the
> following case
> is:
> - client (c2s) or server (s2s) connects to remote host
> - remote host announces it supports, but does not require TLS
> - TLS negotiations, start but initially fail (due to broken cert
> chain,
> expired certs, etc)
> - remote server announces failure, and drops the tcp connection
>
> then what?
Then the remote server is broken - failure to verify a certificate
should not cause a connection failure.
The circumstance where this does apply is where the two sides have no
available cipher suites in common, and in that circumstance it's
reasonable to retry without TLS is the local policy allows. However,
this is such a vanishingly rare circumstance that it's not worth
worrying about.
Dave.
--
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the JDev
mailing list