Re: draft agenda for San Jose meeting

David Brownell - JavaSoft wrote:
> One more protocol issue ... I've never seen an explanation about why
> the "change cipher spec" record is necessary.  It seems like all
> that's needed is the ability to flush the handshake messages which
> have been queued, since I don't see any cases where the next legal
> handshake message isn't predictable from the current protocol state.
> Is "change cipher spec" as a record type an artifact of some early SSL
> implementation, which might be removed in a "new protocol based on the
> SSL 3.0 specification"?

It's there as an explicit indicator of the change.  Yes, it would be
possible to make it implicit, but for protocol purity reasons, we don't
like implicit things, especially state changes.  The fact that it's a
different record type instead of a handshake message is just a way of
making sure that someone can't send it in the middle of a handshake

You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      |

Received on Tuesday, 3 December 1996 14:27:07 UTC