Hi folks,
TLS 1.3 has been approved by the IESG and it's on its way to the RFC Editor, so
I don't really see this changing any time soon for the base RFC.
I think there's some debate about whether this is a good idea, but in any case,
the right way to pursue it would be to publish a new draft, presumably with
some extension that says "I speak extended alerts".
-Ekr
On Fri, Mar 30, 2018 at 1:55 PM, Bill Frantz <frantz@xxxxxxxxxxxxxx> wrote:
On 3/30/18 at 7:35 PM, pgut001@xxxxxxxxxxxxxxxxxx (Peter Gutmann) wrote:
As you mention, debugging TLS is unnecessarily painful if there's a problem,
you typically just get a handshake-failed alert which is essentially no
information at all. Having a debug-mode capability to send back a long-form
error message would be extremely useful, maybe an extension to say "send back
a long-form alert with more than just 'BOOLEAN succeeded = FALSE' in it"
