Re: [TLS] TLS 1.3 and max_fragment_length

On 15 March 2017 at 07:44, Benjamin Kaduk wrote: >The presence of padding does not change the overall record size >limitations - the full fragment plaintext may not exceed 2^14 octets. If > >the maximum fragment length is reduced, such as by the > >

Re: [TLS] TLS 1.3 and max_fragment_length

On 03/14/2017 06:26 AM, Yoav Nir wrote: > > > Seems we’re in agreement. So how about modifying the sixth paragraph > in section 5.4? > > OLD: >The presence of padding does not change the overall record size >limitations - the full fragment plaintext may not exceed 2^14 octets. > > NEW: >

Re: [TLS] TLS 1.3 and max_fragment_length

On 14 Mar 2017, at 13:04, Ilari Liusvaara wrote: > On Tue, Mar 14, 2017 at 11:10:54AM +0200, Yoav Nir wrote: >> >>> On 14 Mar 2017, at 5:38, Martin Thomson wrote: >>> >>> When we added padding to TLS 1.3, we created an ambiguity with the

Re: [TLS] TLS 1.3 and max_fragment_length

> On 14 Mar 2017, at 5:38, Martin Thomson wrote: > > When we added padding to TLS 1.3, we created an ambiguity with the > max_fragment_length extension. > > Does the limit apply to len(TLSInnerPlaintext) or does it apply to > len(TLSInnerPlaintext.content) (i.e.,

Re: [TLS] TLS 1.3 and max_fragment_length

On Tue, Mar 14, 2017 at 02:38:14PM +1100, Martin Thomson wrote: > When we added padding to TLS 1.3, we created an ambiguity with the > max_fragment_length extension. > > Does the limit apply to len(TLSInnerPlaintext) or does it apply to > len(TLSInnerPlaintext.content) (i.e.,

[TLS] TLS 1.3 and max_fragment_length

When we added padding to TLS 1.3, we created an ambiguity with the max_fragment_length extension. Does the limit apply to len(TLSInnerPlaintext) or does it apply to len(TLSInnerPlaintext.content) (i.e., TLSPlaintext.length)? That is, does is include the padding and content type, or not?