On Tue, 2017-03-21 at 14:15 +0100, Thomas Pornin wrote:
> On Fri, Mar 17, 2017 at 05:24:09PM +1100, Martin Thomson wrote:
> > I'd even go so far as to specify it:
> >
> > https://martinthomson.github.io/tls-record-limit/
> >
> > I'll submit an I-D once the blackout ends if people are interested
> > in this.
>
> I like this proposal. One comment, though: I think the wording in
> section 4 should mandate that the value sent MUST NOT exceed the maximum
> record size -- i.e. if an implementation supports records up to 16384
> bytes, then it should put 16384 here, not a bigger value such as 65535.
>
> Rationale: last time this was discussed on this list, some people
> expressed the wish to ultimately support records with more than 16384
> bytes of plaintext. If such an extension ever comes to fruition (it is
> certainly easy enough to do with CBC and GCM cipher suites), then
> sending a record_size_limit with a limit of, say, 60000 bytes, would
> serve as indication that the implementation indeed supports such larger
> records. This holds only as long as no implementation sends a value
> larger than 16384 if it does not really accept records of more than
> 16384 bytes.
>
> Therefore, I propose to replace this paragraph:
>
>    An endpoint that has no limit on the size of data they receive can
>    set this value to any value equal to or greater than the maximum
>    possible record size, such as 65535. A larger value does not allow
>    the endpoint to send larger records than the protocol permits. An
>    endpoint that receives a value larger than the maximum defined in
>    the protocol MUST NOT exceed protocol-defined limits. For TLS 1.3
>    and earlier, this limit is 2^14 octets.
>
> with the following:
>
>    An endpoint that supports all sizes that comply with the
>    protocol-defined limits MUST send exactly that limit as value for
>    maximum record size (or a lower value). For TLS 1.3 and earlier,
>    that limit is 2^14 octets. Higher values are currently reserved for
>    future versions of the protocol that may allow larger records; an
>    endpoint MUST NOT send a value higher than 2^14 unless explicitly
>    allowed by such a future version and supported by the endpoint.
>
>    When an endpoint receives a maximum record size limit larger than
>    the protocol-defined limit, that endpoint MUST NOT send records
>    larger than the protocol-defined limit, unless explicitly allowed by
>    a future TLS version.

I support this proposal. It actually prevents re-introducing a limitation
which can hamper a future modification of the scope of this extension.

regards,
Nikos

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
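The two wordings quoted in the thread, as an added example that is not part of the mailing-list discussion or of the draft: a small Python model of how an endpoint would choose, encode and interpret a record_size_limit value, with the draft's original paragraph and Thomas Pornin's replacement side by side. It assumes the extension body is a single big-endian uint16 and that the protocol-defined limit is 2^14 octets for TLS 1.3 and earlier; all function names (`choose_advertised_limit`, `max_record_to_send`, `peer_signals_larger_records` and the rest) are hypothetical and chosen here, not taken from the draft.

```python
"""
Added example (not the draft's or any implementation's code): choosing,
encoding and interpreting a record_size_limit value under the two wordings
discussed in the thread.

Assumptions, not stated on the page:
  - the extension body is one big-endian uint16 (struct format "!H");
  - the protocol-defined limit for TLS 1.3 and earlier is 2^14 octets.
"""
import struct

# Protocol-defined maximum plaintext record size for TLS 1.3 and earlier.
TLS13_MAX_PLAINTEXT = 1 << 14  # 16384 octets


def choose_advertised_limit(receive_buffer: int,
                            supports_larger_records: bool = False,
                            protocol_limit: int = TLS13_MAX_PLAINTEXT) -> int:
    """Value to send under the proposed wording.

    An endpoint that accepts everything the protocol permits sends exactly
    the protocol limit (or less if it buffers less). A value above the
    limit is sent only if the endpoint really implements a (hypothetical)
    future version that allows larger records.
    """
    if receive_buffer < 1:
        raise ValueError("receive buffer must be positive")
    if supports_larger_records:
        # Hypothetical future version: advertise the real capacity, capped
        # at what the uint16 body can carry.
        return min(receive_buffer, 0xFFFF)
    return min(receive_buffer, protocol_limit)


def choose_advertised_limit_draft_text(receive_buffer: int,
                                       protocol_limit: int = TLS13_MAX_PLAINTEXT) -> int:
    """For contrast: the draft paragraph quoted above lets an endpoint with
    'no limit' send any value >= the maximum, such as 65535, so a large
    value carries no information about larger-record support."""
    if receive_buffer < 1:
        raise ValueError("receive buffer must be positive")
    return 65535 if receive_buffer >= protocol_limit else receive_buffer


def encode_extension_body(limit: int) -> bytes:
    """Serialise the limit as the assumed uint16 extension body."""
    if not 0 < limit <= 0xFFFF:
        raise ValueError("limit must fit in a non-zero uint16")
    return struct.pack("!H", limit)


def decode_extension_body(body: bytes) -> int:
    """Parse the assumed uint16 body; reject malformed or zero values."""
    if len(body) != 2:
        raise ValueError("record_size_limit body must be exactly 2 octets")
    (limit,) = struct.unpack("!H", body)
    if limit == 0:
        raise ValueError("record_size_limit of 0 is meaningless")
    return limit


def max_record_to_send(peer_limit: int,
                       protocol_limit: int = TLS13_MAX_PLAINTEXT) -> int:
    """Receiver side, where both wordings agree: whatever the peer
    advertised, never send a record larger than the protocol permits."""
    return min(peer_limit, protocol_limit)


def peer_signals_larger_records(peer_limit: int,
                                protocol_limit: int = TLS13_MAX_PLAINTEXT) -> bool:
    """Under the proposed wording only, a value above the protocol limit
    is an unambiguous signal that the peer supports larger records; under
    the draft wording the same value could just mean 'no limit of my own'."""
    return peer_limit > protocol_limit


if __name__ == "__main__":
    # Constructed scenario: an endpoint with a 1 MiB receive buffer and no
    # support for records beyond 2^14 plaintext octets.
    buf = 1 << 20
    proposed = choose_advertised_limit(buf)
    draft = choose_advertised_limit_draft_text(buf)
    print("proposed wording advertises", proposed)   # 16384
    print("draft wording advertises   ", draft)      # 65535
    print("peer may send at most", max_record_to_send(draft), "octets either way")
```

The contrast is the point of the rationale: with the same 1 MiB buffer, the draft text yields 65535 and the proposed text yields 16384, and only in the latter regime does a value such as 60000 from a peer mean anything. `max_record_to_send` is the receiver-side rule both texts share, so an implementation that clamps there is safe regardless of which wording the draft adopts.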