Thomas Pornin <por...@bolet.org> writes:

>Maybe there should be some extra wording saying that when a "maximum record
>size" was received, with a value less than the protocol-defined limit, then
>an endpoint SHOULD strive to use minimal-sized padding in cipher suites that
>have a variable-sized padding.

I'd earlier thought of suggesting that the record length be the ciphertext length, not the plaintext length, but wasn't sure if there'd be much support for it. It would however certainly make the required calculations easier, since you no longer have to figure out what the potential size could be once you've added the MAC size, padding, and anything else that needs to go in, particularly since some of those factors are variable-length, leading to guesswork as to what you need to specify since some of the parameters won't be fixed at the time you ask for record size X.

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
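
The calculation discussed in this message, as an added example that is not part of the original post: for a CBC cipher suite it computes the range of ciphertext fragment lengths one plaintext limit can produce, and the inverse calculation when the limit is stated on the ciphertext instead. The `CbcSuite` type and the function names are hypothetical; the sizes are those of AES-128-CBC with HMAC-SHA1.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class CbcSuite:            # hypothetical helper type, not from any TLS library
    block: int             # cipher block size in bytes
    mac: int               # MAC output size in bytes
    explicit_iv: bool      # True for TLS 1.1/1.2, False for TLS 1.0

def cbc_ciphertext_range(suite, plaintext_len):
    """(min, max) ciphertext fragment length for one record of plaintext_len."""
    iv = suite.block if suite.explicit_iv else 0
    body = plaintext_len + suite.mac
    # Padding includes the padding_length byte, so at least 1 byte is added
    # and a full block is added when body is already block-aligned.
    min_pad = suite.block - (body % suite.block)
    # A sender may pad further, up to 256 bytes in total (255 + length byte),
    # as long as the encrypted data stays a multiple of the block size.
    max_pad = min_pad + ((256 - min_pad) // suite.block) * suite.block
    return iv + body + min_pad, iv + body + max_pad

def max_plaintext_for_ciphertext(suite, ciphertext_limit):
    """Largest plaintext guaranteed to fit a ciphertext limit (minimal padding)."""
    iv = suite.block if suite.explicit_iv else 0
    blocks = (ciphertext_limit - iv) // suite.block
    # Whole blocks minus the MAC minus the mandatory padding_length byte.
    return max(blocks * suite.block - suite.mac - 1, 0)

# Constructed parameters: AES-128-CBC with HMAC-SHA1.
TLS12_AES_SHA = CbcSuite(block=16, mac=20, explicit_iv=True)
TLS10_AES_SHA = CbcSuite(block=16, mac=20, explicit_iv=False)

if __name__ == "__main__":
    limit = 512  # constructed "maximum record size" value
    for name, suite in (("TLS 1.2", TLS12_AES_SHA), ("TLS 1.0", TLS10_AES_SHA)):
        lo, hi = cbc_ciphertext_range(suite, limit)
        print(f"{name}: plaintext limit {limit} -> ciphertext {lo}..{hi} bytes")
        fit = max_plaintext_for_ciphertext(suite, limit)
        print(f"{name}: ciphertext limit {limit} -> plaintext <= {fit} bytes")
```
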