Eric Rescorla <e...@rtfm.com> wrote:
>
> two options:
>
> - Try to make small adaptations to TLS 1.3 to make it work better with
>   middleboxes.

Return to the proper TLSv1.2 record format with true ContentTypes
(hiding them doesn't add any security anyways).

With the needlessly broken ContentTypes, we will be unable to support
TLSv1.3 in our current apps. The needless changes break streaming of
layered IO and end-of-communication discovery for long-running requests,
because it is not possible to reliably distinguish a warning-level
closure alert from a pipelined continuation of app data.

-Martin
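
The record-layer difference discussed in the message above, as an added example that is not part of the original post or of any TLS implementation: in the TLS 1.2 record format the ContentType in the 5-byte header stays in the clear, while TLS 1.3 protected records all carry outer type 23 and keep the real type inside the encrypted payload (RFC 8446, section 5.2). The sample streams, placeholder "ciphertext" bytes and helper names are constructed for illustration.

```python
import struct

# Record ContentType values (RFC 5246 / RFC 8446).
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE, APPLICATION_DATA = 20, 21, 22, 23

def iter_records(stream: bytes):
    """Yield (outer_type, fragment) for each complete record in the stream."""
    off = 0
    while off + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, off)
        frag = stream[off + 5 : off + 5 + length]
        if len(frag) < length:
            break  # partial record; a real reader would wait for more bytes
        yield ctype, frag
        off += 5 + length

def outer_types(stream: bytes):
    """What a layer without the traffic keys can see: header types only."""
    return [ctype for ctype, _ in iter_records(stream)]

def alert_visible_in_header(stream: bytes) -> bool:
    """True if closure/alert records can be spotted without decrypting."""
    return ALERT in outer_types(stream)

def inner_type(inner_plaintext: bytes):
    """Recover the real type from a decrypted TLS 1.3 TLSInnerPlaintext,
    laid out as content || ContentType || zero padding."""
    stripped = inner_plaintext.rstrip(b"\x00")  # type byte is never zero
    if not stripped:
        raise ValueError("no content type: record is all padding")
    return stripped[-1], stripped[:-1]

def record(ctype: int, fragment: bytes) -> bytes:
    """Build a record with the 0x0303 version field (helper for the samples)."""
    return struct.pack("!BHH", ctype, 0x0303, len(fragment)) + fragment

# Constructed samples; fragments are placeholder bytes, not real ciphertext.
TLS12_STREAM = record(APPLICATION_DATA, b"\xaa" * 32) + record(ALERT, b"\xbb" * 26)
TLS13_STREAM = (record(APPLICATION_DATA, b"\xaa" * 32)
                + record(APPLICATION_DATA, b"\xbb" * 19))
# What the second TLS 1.3 record would decrypt to: a warning-level
# close_notify alert (level=1, description=0), the type byte, 4 bytes padding.
TLS13_INNER_ALERT = bytes([1, 0]) + bytes([ALERT]) + b"\x00" * 4

if __name__ == "__main__":
    print("TLS 1.2 outer types:", outer_types(TLS12_STREAM))
    print("TLS 1.3 outer types:", outer_types(TLS13_STREAM))
    print("TLS 1.3 inner type after decryption:", inner_type(TLS13_INNER_ALERT))
```
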