On Tuesday, December 15, 2015 09:40:41 pm Martin Thomson wrote:
> In light of that, the actual limits don't matter that much to me. As
> David McGrew suggested, set a limit at 2^32 and avoid having to think
> too hard about how close to the failure point you might be.

+1

In fact, if we're OK with setting this rather low threshold, then we could even get rid of the rekey signal entirely and just have an automatic rekey after every 4GiB for all ciphers. That'd be one less complexity to deal with. Rekeys would be routine.


Dave

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
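
A sketch of the signal-free rekey proposed in the message above, added here as an example and not part of the original post or of any TLS draft: each peer counts on-the-wire record bytes for a direction and ratchets the key before the record that would cross 4 GiB, so no rekey message is needed. The `DirectionKeys` class, the `simulate` helper and the HMAC-SHA256 ratchet step are assumptions made for illustration.

```python
import hashlib
import hmac

REKEY_LIMIT = 2**32  # 4 GiB per key, the threshold proposed in the thread


class DirectionKeys:
    """Key state for one direction of a connection (hypothetical helper)."""

    def __init__(self, secret: bytes, limit: int = REKEY_LIMIT):
        self.secret = secret
        self.limit = limit
        self.generation = 0
        self.bytes_under_key = 0

    def _ratchet(self) -> None:
        # Constructed one-way step (HMAC-SHA256), not the TLS key schedule.
        self.secret = hmac.new(self.secret, b"auto rekey", hashlib.sha256).digest()
        self.generation += 1
        self.bytes_under_key = 0

    def key_for_record(self, record_len: int) -> bytes:
        # record_len is the length from the record header, which the receiver
        # reads before decrypting, so both peers can apply the same rule.
        if record_len > self.limit:
            raise ValueError("record larger than the per-key limit")
        if self.bytes_under_key + record_len > self.limit:
            self._ratchet()  # rekey on a record boundary, never mid-record
        self.bytes_under_key += record_len
        return self.secret


def simulate(record_lens, limit=REKEY_LIMIT, secret=b"\x00" * 32):
    """Feed the same record lengths to both peers; return (generation, in_sync)."""
    sender = DirectionKeys(secret, limit)
    receiver = DirectionKeys(secret, limit)
    in_sync = True
    for n in record_lens:
        a = sender.key_for_record(n)
        b = receiver.key_for_record(n)
        in_sync = in_sync and hmac.compare_digest(a, b)
    return sender.generation, in_sync
```

The rule only works if both peers count the same quantity; counting plaintext bytes instead would force the receiver to decrypt before it knows which key applies.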