On 10/21/2019 11:08 AM, Eric Rescorla wrote: > > 3) Why is the length of "zeros" implicit rather than explicit? Is > it to save a few bytes, or is there a deeper reason? > > > It saves bytes on the wire. It's also the way we've done other zero > padding.
There also off-by-one or off-by-two issues that arise when the natural length is equal to or very close to the padding target. Suppose that you need zero padding to achieve the limit. Then if you have to stick in one byte of length, you go over the limit. You might get around that by making the padding field optional, but then the syntax would allow to not have any padding and that opens a can of worms.. Or suppose that you need exactly one byte of padding, but the length field is two bytes -- you can't just add one byte, you end up always off by one. -- Christian Huitema
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls