[TLS] Re: 【Reply to the comments after the presentation in Montreal】RE: Re: FW: New Version Notification for draft-wang-tls-service-affinity-00.txt

Sun, 04 Jan 2026 18:37:50 -0800 

On Sun, Jan 4, 2026 at 5:11 PM Aijun Wang <[email protected]> wrote:

> I think Christian gave the detail explanation for the reason that we needs
> not, or should not touch the application logic themselves.
>

As Martin says, I believe Christian is arguing the opposite it.

I think Usama have also the similar concerns.
>
> And to Eric's question:
> ------- " You had said earlier that the TLS stack should also be buffering
> and re-sending `make-payment(1/2)`. Is that still your view?"
>
> My express in intension is that if the TLS stack receive the command from
> the application layer during its switchover, it should do some
> buffering(but needs not be aware of such data is 'make-payment(1/2)').
> Once the switchover process is finished, it should send such buffered data
> immediately, because it is the TLS layer's task to accomplish what it is
> told to do.
> And once the buffered data is sent out successfully(via the TCP layer's
> ACK mechanism), it can notify the application layer, its work is done.
>

> The application layer should have its timer to wait such notification from
> TLS layer, before it send again the 'make-payment(1/2)'
>

I don't really understand what you're saying here. It would really be
helpful if you
could precisely specify what you believe the algorithm that each layer is
supposed
to follow, along with examples. It's extremely hard to analyze this in
pieces with the
low level of detail you have provided.

In advance of that, here is a simple scenario it would be helpful to have an
answer to:

Client App         Client TLS      Client TCP                   Server

                   <--------------- TLS Handshake 1 ----------------->
MSG1 -------------->
                   MSG1 --------------------------------------------->
                                   <------------------------- ACK MSG1
                   <------------------------------------------- Switch
                   [start switchover]
                   close_notify ->
MSG2 -------------->


                   <--------------- TLS Handshake 2 ----------------->
                   ????

In this case, the client sends MSG1, then gets the ACK from the server and
an indication
that it should switch. It starts the switchover, sends the close_notify,
and then gets
an application write of MSG2 from the app. What do you think happens when
TLS
handshake 2 is complete?

-Ekr

_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to