I'm assuming that Steven had an issue with the fact that we're requiring a protocol peer to send back a TLS closure alert, when really the recipient may wish to just close the underlying connection. My current wording basically says that if the recipient of the initial TLS closure alert wishes to allow the underlying LDAP connection, *then* it must immediately send its own TLS closure alert, etc.

Jim

>>> "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> 10/20/03 11:39:34 PM >>>
At 10:13 PM 10/20/2003, Jim Sermersheim wrote:
>>>> "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> 10/8/03 7:59:20 AM >>>
><snip>
>
>>> 4.13.3.1. Graceful Closure
>>> The other party, if it receives a TLS closure alert, MUST immediately
>>> transmit a TLS closure alert. It will subsequently cease to send TLS
>>>                                  ^^^^ MUST ?
>>
>>Please consider the replace text I offer in my comments.
>Kurt, I didn't see any replacement text in your comments for this section.

Sorry, how about?

  The other party, upon receipt of a TLS closure alert, SHALL
  immediately send a TLS closure alert and then terminate the TLS
  connection. The LDAP connection remains established unless
  subsequently terminated.