Maybe I'm missing something, but hasn't this issue already been sufficiently dealt with via padding?
https://tools.ietf.org/html/draft-ietf-tls-tls13-10#section-5.2.2

The record type and version fields are now frozen, and the record length field is not indicative of the real length if padding is used. The only way I could see encrypting the length field as helpful would be to further obfuscate it from something that can see the record layer but not the transport layer and doesn't know the full record size, though the padding already obfuscates it somewhat. Is this really worth jumping through hoops for?

Dave
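What an on-path observer can read from the length field when padding is in use, as an added example that is not part of the original message. It assumes the inner-plaintext layout of the final TLS 1.3 specification (RFC 8446 section 5.4: content, content type, zero padding), which may differ in detail from the cited draft; the 16-byte tag, the 256-byte bucket policy and the function names are assumptions, and no real encryption is performed.

```python
import struct

APPLICATION_DATA = 23   # outer opaque_type of every protected record
LEGACY_VERSION = 0x0303 # frozen version field (RFC 8446 value)
TAG_LEN = 16            # assumption: AEAD with a 16-byte tag
BUCKET = 256            # assumption: sender pads to 256-byte buckets
MAX_INNER = 2**14 + 1   # content limit plus the one type byte


def build_inner(content: bytes, content_type: int, bucket: int = BUCKET) -> bytes:
    """Return content || type || zeros, padded up to a multiple of `bucket`."""
    if not 0 < content_type < 256:
        raise ValueError("content type must be a non-zero byte")
    unpadded = len(content) + 1
    if unpadded > MAX_INNER:
        raise ValueError("content exceeds the record size limit")
    padded = min(-(-unpadded // bucket) * bucket, MAX_INNER)
    return content + bytes([content_type]) + bytes(padded - unpadded)


def observed_length(inner: bytes) -> int:
    """Length an observer reads from the 5-byte cleartext record header."""
    header = struct.pack("!BHH", APPLICATION_DATA, LEGACY_VERSION,
                         len(inner) + TAG_LEN)
    _type, _version, length = struct.unpack("!BHH", header)
    return length


def strip_padding(inner: bytes) -> tuple[bytes, int]:
    """Receiver side, after decryption: drop trailing zeros, split off type."""
    end = len(inner)
    while end > 0 and inner[end - 1] == 0:
        end -= 1
    if end == 0:
        # No non-zero byte at all: RFC 8446 says abort with unexpected_message.
        raise ValueError("record contains no content type")
    return inner[:end - 1], inner[end - 1]


def demo() -> dict[int, int]:
    """Map constructed plaintext sizes to the length visible on the wire."""
    return {n: observed_length(build_inner(b"A" * n, APPLICATION_DATA))
            for n in (1, 100, 255, 256, 600)}


if __name__ == "__main__":
    for size, wire in demo().items():
        print(f"plaintext {size:4d} bytes -> length field {wire}")
```

Plaintexts of 1, 100 and 255 bytes all produce the same length field, so the observer learns the bucket rather than the real size; how much that hides depends entirely on the sender's padding policy.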