Hi Joe, thanks for pointing this out. I will talk to our mbed TLS team to find out what the status of this issue is.
Ciao Hannes On 03/18/2017 10:17 AM, Joseph Birr-Pixton wrote: > On 17 March 2017 at 16:01, Hannes Tschofenig <hannes.tschofe...@gmx.net> > wrote: >> Here are my 5 cents: we implement this extension in our mbed TLS stack > > With the greatest of respect, mbedtls *doesn't* implement > max_fragment_length[1], because it doesn't fragment handshake messages > as required by the spec. Attempts to use it with a conforming peer > will fail to handshake. > > When I came across this a year or so ago, I concluded that nobody > could have actually deployed max_fragment_length using mbedtls. > > Cheers, > Joe > > [1] https://github.com/ARMmbed/mbedtls/issues/387 > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
