Draft-20 currently contains this text in the section "Server Certificate Selection":
'If the client cannot construct an acceptable chain using the provided certificates and decides to abort the handshake, then it MUST abort the handshake with an"unsupported_certificate" alert."' However, section 6 lists a number of other generic certificate related alerts: certificate_revoked certificate_expired certificate_unknown unknown_ca While section 6 provides descriptions of these they are not mentioned elsewhere in the spec, so there is no guidance as to when they might be used. So, given the text in the "Server Certificate Selection" section, should a client always send "unsupported_certificate" for all failures? Or should one of the other alerts be used instead if it seems more appropriate? E.g. If a client attempts to "construct an acceptable chain", but finds an expired certificate - should it respond with "unsupported_certificate" or "certificate_expired"? There seems to be some inconsistency between server certificate selection and client certificate selection, i.e. in the former it is mandated that a specific alert be sent, but in the latter there is no such requirement. Additionally, there are a number of other alerts mentioned in section 6 (not just certificate related ones), that are never mentioned anywhere else in the spec. Do we really need all of these alerts? If they are needed, shouldn't they be explicitly mentioned elsewhere in the spec in the locations where they are relevant (associated with some MUST/SHOULD/MAY requirement)? As things stand the interpretation of when they should be sent seems quite loose. Matt _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls