Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use CONNECTION_CLOSE rather than CRYPTO_CLOSE #1477

Merged
merged 5 commits into from
Jun 26, 2018
Merged

Use CONNECTION_CLOSE rather than CRYPTO_CLOSE #1477

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
0acc8f8
Use CONNECTION_CLOSE rather than CRYPTO_CLOSE
martinthomson Jun 26, 2018
9b80c45
one-octet description; MUST NOT warning alert
martinthomson Jun 26, 2018
a77b066
Typos, renumber
martinthomson Jun 26, 2018
d768347
commas
martinthomson Jun 26, 2018
d4ec8a5
comma splice
martinthomson Jun 26, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions draft-ietf-quic-tls.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -605,12 +605,12 @@ HelloRetryRequest is still used for incorrect key shares.
If TLS experiences an error, it generates an appropriate alert as defined in
Section 6 of {{TLS13}}.

A TLS alert is turned into a QUIC connection error by converting the alert
description into a QUIC error code. The alert description is added to 0x200 to
produce a QUIC error code from the range reserved for CRYPTO_ERROR. The
resulting value is sent in a QUIC CONNECTION_CLOSE frame.
A TLS alert is turned into a QUIC connection error by converting the one-octet
alert description into a QUIC error code. The alert description is added to
0x200 to produce a QUIC error code from the range reserved for CRYPTO_ERROR.
The resulting value is sent in a QUIC CONNECTION_CLOSE frame.

The alert level of all TLS alerts is "fatal", a TLS stack does not generate
The alert level of all TLS alerts is "fatal", a TLS stack MUST NOT generate
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comma splice. Separate sentences or ;.

alerts at the "warning" level.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a bit confusing because stacks can in fact do that. Maybe MUST NOT?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought that this was OK. TLS 1.3 prohibits use of warning for anything but close_notify, and we don't allow TLS to close. I guess that MUST NOT isn't a problem though.



Expand Down