ietf-nntp TLS response codes
Ken Murchison
ken at oceana.com
Tue Mar 18 07:05:59 PST 2003
"Jeffrey M. Vinocur" wrote:
>
> On Mon, 17 Mar 2003, Ken Murchison wrote:
>
> > "Jeffrey M. Vinocur" wrote:
> >
> > > Ken, once the client and server agree to begin TLS negotiation, is it
> > > possible for there to be a failure that would not require closing the
> > > connection? (That is, where both parties would know on which octet the
> > > unencrypted connection resumes.)
> >
> > Sure. They might not be able to agree on a cipher.
>
> Ah, hmm.
>
> So what do existing STARTTLS-type extensions do in this case?
The messaging protocols seem to leave it up to the client/server
implementation. A failure in the negotiation would seem to fall under
the "policy check" umbrella (RFC 2595 section 2.5, RFC 3207 sections 4.1
& 6).
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp