Ben Kaduk's TLS Comment 9 #4485

Closed
LPardue opened this issue Jan 6, 2021 · 4 comments · Fixed by #4570
Labels
-tls design An issue that affects the design of the protocol; resolution requires consensus. has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list. iesg An issue raised during IESG review.


LPardue commented Jan 6, 2021

@kaduk said:

Section 4.8

The alert level of all TLS alerts is "fatal"; a TLS stack MUST NOT
generate alerts at the "warning" level.

This seems to be making a normative restriction on the operation of TLS,
which is not in the QUIC WG charter. Perhaps we should instead
constrain the QUIC implementation to not accept such alerts (and what to
do if they are received) and note that the only closure alerts in RFC
8446 are "close_notify" and "user_cancelled", which are replaced by
equivalent QUIC-level functionality.

@LPardue LPardue added -tls iesg An issue raised during IESG review. labels Jan 6, 2021
@LPardue LPardue added this to the tls-iesg milestone Jan 6, 2021
martinthomson added a commit that referenced this issue Jan 6, 2021
This changes the shape of the requirement from one that proscribes the
behaviour of a TLS stack to the reaction of QUIC to a warning level
alert.  This recommends treating them as fatal as QUIC never
deliberately closes TLS.

This is a normative change that should have no practical effect on
implementations.

Closes #4485.
@martinthomson

I'm going to request that we flag this one "design".

I think that we want to say:

  1. the TLS connection is never closed using TLS mechanisms
  2. QUIC can treat any TLS alert as fatal

PR created and email in the pipe.
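
The handling the comment above asks for, as an added example that is not part of the issue thread or the draft text: any TLS alert, whatever its level, becomes a fatal QUIC connection error. The `0x0100 + AlertDescription` mapping to a CRYPTO_ERROR code is taken from RFC 9001 rather than from this thread, and `on_tls_alert` and `QuicClose` are hypothetical names.

```python
from dataclasses import dataclass

# AlertLevel and sample AlertDescription values from RFC 8446, section 6.
WARNING, FATAL = 1, 2
CLOSE_NOTIFY, HANDSHAKE_FAILURE, USER_CANCELED = 0, 40, 90

# Assumption (RFC 9001, not this thread): a TLS alert is reported as the
# QUIC CRYPTO_ERROR code 0x0100 + AlertDescription.
CRYPTO_ERROR_BASE = 0x0100


@dataclass(frozen=True)
class QuicClose:  # hypothetical result type for this example
    error_code: int
    reason: str


def on_tls_alert(alert: bytes) -> QuicClose:
    """Turn a 2-byte TLS alert (level, description) into a QUIC connection error."""
    if len(alert) != 2:
        raise ValueError("TLS alert must be exactly 2 bytes")
    level, description = alert
    # The level is kept only for diagnostics; it never softens the outcome,
    # so a "warning" closure alert ends the connection like any other alert.
    label = {WARNING: "warning", FATAL: "fatal"}.get(level, f"unknown({level})")
    return QuicClose(
        error_code=CRYPTO_ERROR_BASE + description,
        reason=f"TLS alert {description} at level {label}; treated as fatal",
    )


if __name__ == "__main__":
    # Constructed sample alerts: two warning-level closure alerts, one fatal.
    samples = (
        bytes([WARNING, CLOSE_NOTIFY]),
        bytes([WARNING, USER_CANCELED]),
        bytes([FATAL, HANDSHAKE_FAILURE]),
    )
    for sample in samples:
        close = on_tls_alert(sample)
        print(f"{sample.hex()} -> 0x{close.error_code:04x} ({close.reason})")
```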

@LPardue LPardue added the design An issue that affects the design of the protocol; resolution requires consensus. label Jan 8, 2021

LPardue commented Jan 8, 2021

Marking this as design as requested.

@larseggert larseggert added this to Triage in Late Stage Processing via automation Jan 11, 2021
@larseggert larseggert moved this from Triage to Design Issues in Late Stage Processing Jan 12, 2021
Late Stage Processing automation moved this from Design Issues to Issue Handled Jan 14, 2021
@martinthomson

Returning to an open state as the chairs directed in their plan.

@martinthomson martinthomson reopened this Jan 14, 2021
Late Stage Processing automation moved this from Issue Handled to Triage Jan 14, 2021
@larseggert larseggert moved this from Triage to Design Issues in Late Stage Processing Jan 15, 2021
@LPardue LPardue added the call-issued An issue that the Chairs have issued a Consensus call for. label Jan 18, 2021
@LPardue LPardue moved this from Design Issues to Consensus Call issued in Late Stage Processing Jan 18, 2021

LPardue commented Feb 3, 2021

Closing this now that the IESG have approved the document(s).

@LPardue LPardue closed this as completed Feb 3, 2021
Late Stage Processing automation moved this from Consensus Call issued to Issue Handled Feb 3, 2021
@LPardue LPardue added has-consensus An issue that the Chairs have determined has consensus, by canvassing the mailing list. and removed call-issued An issue that the Chairs have issued a Consensus call for. labels Feb 21, 2021
@project-bot project-bot bot moved this from Issue Handled to Consensus Declared in Late Stage Processing Feb 21, 2021
@LPardue LPardue moved this from Consensus Declared to Issue Handled in Late Stage Processing Feb 21, 2021