Re: Stephen Farrell's Discuss on draft-ietf-httpbis-http2-16: (with DISCUSS and COMMENT) from Martin Thomson on 2015-01-26 (ietf-http-wg@w3.org from January to March 2015)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 26 Jan 2015 12:55:48 -0800
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>, Mark Nottingham <mnot@mnot.net>, "httpbis-chairs@tools.ietf.org" <httpbis-chairs@tools.ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>, "draft-ietf-httpbis-http2.all@tools.ietf.org" <draft-ietf-httpbis-http2.all@tools.ietf.org>
Message-ID: <CABkgnnXUZqWUpVda2p6KTCb-NZUEW0hnGRky8ZfmTi1KF_bpPA@mail.gmail.com>

On 26 January 2015 at 12:11, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> But later, the existing text permits the server to reneg for the client cert so long as it does so before *the server* sends its preface.  Shouldn't the PROTOCOL_ERROR be a reneg attempt from a peer after receiving that peer's preface, rather than an attempt received after sending your own?  Otherwise, the server's attempt to fetch the cert races (and almost certainly loses) with the client's own preface, aborting the connection.


Quite right, I think that I need to make this conditional on "after it
has received a preface".  Anything else makes little sense.

Received on Monday, 26 January 2015 20:56:16 UTC