Re: [TLS] Question about Large Record Sizes draft and the TLS design

2024-03-19 Thread Jan-Frederik Rieckers
On 20.03.24 11:08, David Benjamin wrote:
I can't say what was going on in the SSLv3 days, but yes record size limits are important for memory. Whatever the maximum record size is, the peer can force you to buffer that many bytes in memory. That means the maximum record size is actually a DoS pa

Re: [TLS] Question about Large Record Sizes draft and the TLS design

2024-03-19 Thread Salz, Rich
* Whatever the maximum record size is, the peer can force you to buffer that many bytes in memory. That means the maximum record size is actually a DoS parameter for the protocol.
Absolutely true. If you have a limit, attackers will try to push your server up to and over the limit and try t

Re: [TLS] Question about Large Record Sizes draft and the TLS design

2024-03-19 Thread David Benjamin
I can't say what was going on in the SSLv3 days, but yes record size limits are important for memory. Whatever the maximum record size is, the peer can force you to buffer that many bytes in memory. That means the maximum record size is actually a DoS parameter for the protocol.
On Wed, Mar 20, 20