To:
"'Liu, Hong'" <Hong.Liu@neustar.biz>, ietf-provreg@cafax.se
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Mon, 5 Aug 2002 12:40:22 -0400
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: Login Failure and Sessions
> I agree with Patrick that this is a server policy issue. The > protocol should > not specify the exact value of N. If so, then we have a protocol with a non-deterministic state diagram. The state of the server WRT to login failures ends up being implementation-dependent, and I think this is going to get us in trouble with the IESG *. -Scott- * I say this because I've been told by our AD that we need a state diagram in the specs, and I can't draw such a diagram if I can't document how the server behaves when it has to deal with a client authentication failure. I'm open to suggestions as to how this kind of implementation choice might be described in a state diagram...