Request: Discuss encoding of Alerts

[bemasc]

It’s currently not clear how plaintext Alerts are represented.

Suggestion: content_type = ctls_alert

[hannestschofenig]

I created a PR to address this issue: #47

[ekr]

@bemasc why can't they just be the usual content type? What am I missing.

[bemasc]

The current text says

The only cTLS records that are sent in plaintext are handshake
records (ClientHello and ServerHello/HRR). The content type is
therefore constant (it is always handshake), so we instead set the
content_type field to a fixed cTLS-specific value to distinguish cTLS
plaintext records from encrypted records, TLS/DTLS records, and other
protocols using the same 5-tuple.

I'm proposing that:

1. The first sentence (or maybe the second) is not right.
2. We need another content_type for plaintext alerts.

I'm not sure what you mean by "the usual content type". cTLS currently does not use TLS's ContentType registry. Instead, the current draft defines a new ctls_handshake value to identify these records.

If you're proposing to switch cTLS to use the TLS ContentTypes instead ... that seems fine to me. However, the divergence does seem to be deliberate, as explained in the text.

[ekr]

I think this is just an error on my part:

1. You obviously need to be able to send plaintext alerts.
2. The requirement is to be able to demux, but if cTLS alerts are the same, then no need

For that reason, I propose to just use TLS's alert type.