Hi to all,during the presentation of the Large Record Sizes draft at the tls session yesterday, I wondered why the length restriction is in TLS in the first place.
I have gone back to the TLS1.0 RFC, as well as SSLv3, TLS1.3 and TLS1.2 and have found the restriction in all of them, but not a rationale why the length is artificially shortened, when the length is encoded as uint16.
Does someone know what the rationale behind it is?One educated guess we came up with was that the limit was put there to ensure that implementations can make sure to not use too much memory, and using 2^14 was deemed a good compromise between memory usage and message length, but in my short research I haven't found any evidence that would confirm that guess.
Cheers, Janfred -- Herr Jan-Frederik Rieckers Security, Trust & Identity Services E-Mail: rieck...@dfn.de | Fon: +49 30884299-339 | Fax: +49 30884299-370 Pronomen: er/sein | Pronouns: he/him __________________________________________________________________________________DFN - Deutsches Forschungsnetz | German National Research and Education Network
Verein zur Förderung eines Deutschen Forschungsnetzes e.V. Alexanderplatz 1 | 10178 Berlin https://www.dfn.deVorstand: Prof. Dr.-Ing. Stefan Wesner | Prof. Dr. Helmut Reiser | Christian Zens
Geschäftsführung: Dr. Christian Grimm | Jochem Pattloch VR AG Charlottenburg 7729B | USt.-ID. DE 136623822
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls