Closed Bug 577123 Opened 15 years ago Closed 2 years ago

libssl doesn't send the unexpected_message alert when it receives a record type it doesn't understand

Categories

(NSS :: Libraries, enhancement, P5)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: briansmith, Unassigned)

Details

The TLS 1.0 and TLS 1.1 specifications said that implementations should IGNORE records of unknown type. However, the TLS 1.2 specification says that implementations must reject records of unknown type with an unexpected_message alert, which is always fatal. Currently, NSS rejects the record but doesn't send an alert. I propose that the TLS 1.2 rule be used for all versions. http://tools.ietf.org/html/rfc2246#section-6 http://tools.ietf.org/html/rfc4346#section-6 http://tools.ietf.org/html/rfc5246#section-6
Severity: normal → S3
Severity: S3 → N/A
Status: NEW → RESOLVED
Closed: 2 years ago
Priority: -- → P5
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.