[gnutls-devel] GnuTLS | Multiple issues with handling record_size_limit extension (#676)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Jan 17 16:50:16 CET 2019


I have filed !879 that should fix some of the issues.

For 2, GnuTLS uses 2**14 as the upper limit, regardless of the version.  If we want 2**14+1 for TLS 1.3, it would require delaying the initialization after version negotiation.  I'm not sure if such complexity is worth it just for 1 byte.

Similarly for 8, the lower limit is 512 and adding support for [64, 511) doesn't look straightforward.

For 5, does the 1/n-1 splitting in TLS 1.0 actually work without the extension?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/676#note_132471795
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190117/6c4d1ed9/attachment.html>


More information about the Gnutls-devel mailing list