>>>>> "ER" == Eric Rescorla <e...@rtfm.com> writes:
ER> In TLS, we use a distinct nonce for each record and then a block counter ER> inside the record. So, it's true that you couldn't encrypt a record that ER> was more than 2^{32} * 256 bits long, but since TLS records can't be ER> more than 16KB long anyway, this isn't the critical limitation. That does change things. I do not recall any posts noting that after I posted an objection to the change, but I mostly missed everything from May thru July or so because of the stroke... Thanks for the correction. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls