>>>>> "ER" == Eric Rescorla <e...@rtfm.com> writes:
ER> In TLS, we use a distinct nonce for each record and then a block counter
ER> inside the record. So, it's true that you couldn't encrypt a record that
ER> was more than 2^{32} * 256 bits long, but since TLS records can't be
ER> more than 16KB long anyway, this isn't the critical limitation.
That does change things. I do not recall any posts noting that after I
posted an objection to the change, but I mostly missed everything from
May thru July or so because of the stroke...
Thanks for the correction.
-JimC
--
James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
