This works for me, does anyone object to my updating the PR in this fashion?
-Ekr On Thu, May 18, 2017 at 2:10 AM, Brian Smith <br...@briansmith.org> wrote: > Kathleen Moriarty <kathleen.moriarty.i...@gmail.com> wrote: > > 4. Section 6.2 Error Alerts > > > > In addition to sending the error, I don't see any mention of the error > > being logged on the server side, shouldn't that be specified? Logging > > errors (at least in debug modes when needed) provides valuable > > troubleshooting information and many applications don't do an adequate > > job of logging, so I think it's important to call that out here as a > > recommendation. > > I think I agree with what Kathleen wrote here, but the PR that > attempts to address this > (https://github.com/tlswg/tls13-spec/pull/1021) seems too strong in > recommending that servers send alerts. In particular, IMO logging the > alert shouldn't necessarily be the default and there should be a way > to disable such logging. I guess saying something such as "The > implementation SHOULD provide a way to facilitate the logging of the > error" or similar, instead of "SHOULD log" seems better to me. > > In particular, an implementation might not do any logging itself, but > might return an error code that the higher level thing could log (if > it wants to). I would generally recommend implementations do this than > to do logging themselves. > > Cheers, > Brian > -- > https://briansmith.org/ > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls