Frank Bergmann via mbed-tls mbed-tls@lists.trustedfirmware.org wrote: > I know that the behaviour is not defined by standard(s). > My question was about the default behaviour of mbed TLS (>=3.0). > - Will the connection kept online when the cert did expire and the > application does not react (e.g. by doing a new handshake)?
Yes. In order to do anything, your application would have to act.
> - Will this default behaviour be kept in future (at least for 3.x)?
I can't speak for that, but during my 30 years of experience with SSL/TLS, and IPsec/IKE, I have never seen any specification that would change it.
There are some implementations (and by this, I mean gateways, not libraries) that have constrained the lifetime of an SA to be within the certificate validity and/or OCSP/CRL validity, forcing a rekey to occur around the time of certificate expiry.
This has almost always been a disaster normal users, and when present has been a configuration option.
If operators need/want to cancel security channels when they revoke certificates, then they usually need to reach out to all the systems using a control channel. Or, they can set the default rekey lifetime to be less than their CRL/OCSP validity.
> IMHO a somewhat reasonable approach could be that while connection is > up the application at lower level should check regularly the cert and > simply close the connection on expiration. > Re-establishing the connection will then be done at higher level in our application. > But maybe keeping the connection up could also be valid for us. Hence > the questions.
Connections should be kept "up", or "resumable" until you know otherwise.
-- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [