> What kind of padding length customization would you like to see in the JDK?
I may be hesitate to add a new API. A default random padding could be used
instead, and might be controlled with a system property (e.g,
“jdk.tls.client/server.maxRecordPadding” or
“jdk.tls.client/server.recordPaddi
Thanks Xuelei and Brad for your replies!
https://bugs.openjdk.org/browse/JDK-8244983 mentions that random padding
could be used to mitigate BREACH attack. I googled for "breach random
padding", found 3 similar requests [1] [2] [3] for enhancements, none of
them was implemented. Also https://www.br
On 11/4/2022 8:58 AM, Xuelei Fan wrote:
The padding may be also necessary to prevent from a kind of attacks,
besides hiding the length. But I cannot recall the details.
I have a vague recollection of that, but I was thinking it was something
pre-1.3. But I'm not seeing any special padding
The padding may be also necessary to prevent from a kind of attacks, besides
hiding the length. But I cannot recall the details.
Removing padding may be not the direction. Instead, a padding length
customizable solution may be more flexible. Here is an enhancement request in
JBS (https://bug
Hello,
I noticed that we're padding every TLS 1.3 record with exactly 16 zeros
[1]. I'd like to remove that padding to conserve network bandwidth and
processing power. Thoughts?
Some background:
- TLS 1.3 RFC [2] defines padding as a means to hide the size of the
traffic. Constant-length padding d