Thomas Pornin <por...@bolet.org> writes:

>having some guarantees on non-fragmentations may help some implementations
>that are very constrained in ROM size and must stick to the simplest possible
>code.
It's not the code size, it's attack surface. There have been endless attacks on IP fragmentation and fragment reassembly, not to mention equally numerous firewall/IDS bypasses by creative fragmentation. So in my case not doing fragmentation is a security thing, not a code-size thing (as was not doing rehandshake, compression, and a pile of other things that have caused problems in SSL/TLS in the past). The fact that I've never encountered any embedded/SCADA device that handles or requires fragmentation makes it ever easier.

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
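To make the "no fragmentation" policy concrete, here is an added example (not Peter's or Thomas's code, and not from any implementation discussed on the list) of a TLS record/handshake reader that refuses to reassemble handshake messages across records. Every handshake message must be fully contained in the record that carries it; a header or body that spills into the next record is rejected outright, so the reader keeps no cross-record reassembly buffer or offset state. Several whole messages coalesced in one record are still accepted, since that needs no reassembly. The function names, the `FragmentationRejected` exception and the sample bytes (a placeholder 40-byte "ClientHello" body, not a valid ClientHello) are all constructed for this example; the 2^14 record-length ceiling is the one the TLS RFCs specify.

```python
import struct

CONTENT_TYPE_HANDSHAKE = 22
RECORD_HEADER_LEN = 5       # type(1) + version(2) + length(2)
HANDSHAKE_HEADER_LEN = 4    # msg_type(1) + length(3)
MAX_RECORD_LEN = 1 << 14    # TLS plaintext record limit (RFC 5246 / RFC 8446)


class FragmentationRejected(ValueError):
    """Raised when a handshake message is not wholly inside one record."""


def parse_record(buf, offset=0):
    """Parse one record header at buf[offset:]; return (type, version, body, next_offset)."""
    if len(buf) - offset < RECORD_HEADER_LEN:
        raise ValueError("truncated record header")
    ctype, version, length = struct.unpack_from("!BHH", buf, offset)
    if length > MAX_RECORD_LEN:
        raise ValueError("record length exceeds 2^14")
    start = offset + RECORD_HEADER_LEN
    end = start + length
    if end > len(buf):
        raise ValueError("truncated record body")
    return ctype, version, buf[start:end], end


def handshake_messages_no_fragmentation(record_body):
    """Return [(msg_type, body), ...] for the handshake messages in one record.

    Policy: each message must begin and end inside this record. Anything that
    would require buffering bytes until the next record arrives is an error,
    not a partial state to carry forward."""
    if not record_body:
        raise FragmentationRejected("empty handshake record")
    msgs = []
    off = 0
    while off < len(record_body):
        if len(record_body) - off < HANDSHAKE_HEADER_LEN:
            raise FragmentationRejected("handshake header split across records")
        msg_type = record_body[off]
        msg_len = int.from_bytes(record_body[off + 1:off + 4], "big")
        off += HANDSHAKE_HEADER_LEN
        if off + msg_len > len(record_body):
            raise FragmentationRejected("handshake body continues in next record")
        msgs.append((msg_type, record_body[off:off + msg_len]))
        off += msg_len
    return msgs


def process_stream(buf):
    """Walk every record in buf and collect handshake messages, with no
    reassembly state between records."""
    out = []
    off = 0
    while off < len(buf):
        ctype, _version, body, off = parse_record(buf, off)
        if ctype != CONTENT_TYPE_HANDSHAKE:
            continue
        out.extend(handshake_messages_no_fragmentation(body))
    return out


def check(buf):
    """Non-raising wrapper: (True, messages) if accepted, (False, reason) if not."""
    try:
        return True, process_stream(buf)
    except FragmentationRejected as exc:
        return False, str(exc)


# Helpers to build sample traffic (constructed for this example).
def build_record(ctype, body, version=0x0303):
    return struct.pack("!BHH", ctype, version, len(body)) + body


def build_handshake(msg_type, body):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


# Constructed samples: placeholder ClientHello (type 1) body, not a real one.
CLIENT_HELLO_BODY = bytes(range(40))
_hs = build_handshake(1, CLIENT_HELLO_BODY)

UNFRAGMENTED = build_record(CONTENT_TYPE_HANDSHAKE, _hs)
# Same message, but split after 10 bytes across two records: rejected.
FRAGMENTED = (build_record(CONTENT_TYPE_HANDSHAKE, _hs[:10])
              + build_record(CONTENT_TYPE_HANDSHAKE, _hs[10:]))
# Two complete messages coalesced in one record: accepted, no reassembly needed.
COALESCED = build_record(CONTENT_TYPE_HANDSHAKE, _hs + build_handshake(2, b"\x01"))

if __name__ == "__main__":
    for name, sample in (("unfragmented", UNFRAGMENTED),
                         ("fragmented", FRAGMENTED),
                         ("coalesced", COALESCED)):
        print(name, check(sample))
```

The part this deliberately leaves out is the reassembly path: a per-connection buffer, a running offset into the pending message, and the bookkeeping for a message whose length field was read in one record but whose body arrives over several later ones. That is exactly the state that reassembly bugs and fragmentation-based evasions live in, and it is absent here by construction.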