On Thu, Oct 12, 2017 at 5:44 PM, Martin Thomson <martin.thom...@gmail.com> wrote:
> On Fri, Oct 13, 2017 at 11:21 AM, Eric Rescorla <e...@rtfm.com> wrote: > > Maybe I'm missing something, but I don't think that that's correct. as > long > > as you're > > willing to (a) restrict the jump to the same size as the transmitted > part of > > the sequence > > number and (b) do a little trial decryption. > > > > We could, of course, also adopt the sequence number hopping scheme that > we > > use for QUIC, which works without trial decryption. > > Either works for me (I was operating on the assumption that we would > avoid trial decryption). > Yeah, I think we should probably import the scheme from QUIC. -Ekr
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls