Plaintext is still limited to 2^14 octets, so there is no need to have the length be 3 bytes. Having the version start with 4 will purposely indicate the size of the record header. One could go out on a limb and use it to actually indicate the length of the header (i.e. 5 bytes, 4 bytes, 8 bytes, etc.) with additional options thrown in, not that I am proposing that.

--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Nov 17, 2015, at 10:40 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:

> Short, Todd <tsh...@akamai.com> writes:
>
> > Has there been any consideration to changing the record header for encrypted traffic to be 4 bytes (i.e. 32-bits)? 5 bytes is a very awkward size, and some processors do not handle odd byte offsets well (it was a complaint I heard from Cisco router/switch engineers).
>
> Not just Cisco, other hardware people have run into it as well. You don't need the version field at all because it's been negotiated in the handshake, for the remainder of the session it's just wasted bytes. So having a 1-byte type and 3-byte length for a combined 32-bit field would work fine.
>
> Peter.
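
An added example, not code from either poster or from any TLS implementation: a byte-wise parser for the current 5-byte record header (1-byte type, 2-byte version, 2-byte length) next to the 4-byte type-plus-24-bit-length word suggested in the thread. The 4-byte layout, the function names and the sample bytes are assumptions made for illustration; the point shown is that a receiver must bound the length against the 2^14 limit either way.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLS_HDR_LEN       5       /* type(1) + version(2) + length(2) */
#define TLS_MAX_PLAINTEXT 16384u  /* 2^14 octets, the limit cited in the thread */

struct tls_record_hdr { uint8_t type; uint16_t version; uint16_t length; };

/* Parse the 5-byte header one byte at a time, so no unaligned or
 * endian-dependent load is issued. Returns 0 on success, -1 if the buffer
 * is too short or the length exceeds max_len (limit chosen by the caller). */
int tls_parse_hdr(const uint8_t *buf, size_t n, uint16_t max_len,
                  struct tls_record_hdr *out)
{
    if (buf == NULL || out == NULL || n < TLS_HDR_LEN)
        return -1;
    out->type    = buf[0];
    out->version = (uint16_t)((buf[1] << 8) | buf[2]);
    out->length  = (uint16_t)((buf[3] << 8) | buf[4]);
    return out->length > max_len ? -1 : 0;
}

/* Hypothetical 4-byte header from the thread: type in the top byte,
 * 24-bit length below it, held as one 32-bit host-order word. */
uint32_t hdr4_pack(uint8_t type, uint32_t length)
{
    return ((uint32_t)type << 24) | (length & 0x00FFFFFFu);
}

/* A 24-bit field can carry values far above 2^14, so reject them here. */
int hdr4_unpack(uint32_t word, uint8_t *type, uint32_t *length)
{
    *type   = (uint8_t)(word >> 24);
    *length = word & 0x00FFFFFFu;
    return *length > TLS_MAX_PLAINTEXT ? -1 : 0;
}

int main(void)
{
    const uint8_t sample[] = {0x17, 0x03, 0x03, 0x40, 0x00}; /* constructed */
    struct tls_record_hdr h;
    int rc = tls_parse_hdr(sample, sizeof sample, TLS_MAX_PLAINTEXT, &h);
    printf("rc=%d type=%u version=0x%04x length=%u\n", rc, h.type, h.version, h.length);
    printf("4-byte form: 0x%08x\n", (unsigned)hdr4_pack(h.type, h.length));
    return 0;
}
```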