[gnutls-devel] GnuTLS | Multiple issues with handling record_size_limit extension (#676)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri Jan 18 14:53:30 CET 2019


> the thing is that 64 is the explicit lower limit established in the RFC, so it's hard to claim compliance if that value will not be respected by GnuTLS if it is advertised by the other side

@nmav pointed that the RFC suggests:
> Endpoints SHOULD advertise the "record_size_limit" extension, even if they have no need to limit the size of records.  [...] *For servers, this allows clients to know that their limit will be respected.*

Conversely, if the server doesn't want to respect the limit the client advertised, couldn't it indicate that by omitting "record_size_limit" in SH or EE?

I am not sure if the sentence is only about the upper limit though.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/676#note_132767163
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190118/f196d605/attachment.html>


More information about the Gnutls-devel mailing list