2016-10-07 22:06 GMT+0000 David Benjamin <david...@chromium.org>:
> Units is a little interesting. For those purposes, this limit would
> kick in whether or not the early data could be decrypted, so the
> server-side limit would be measured in ciphertext, possibly even
> including record headers. (Although any inaccuracies in converting
> could be done by just advertising an underestimate and breaking peers
> that send pathologically silly things like all one-byte records. So it
> doesn't matter much.)
Yeah, I've been thinking about that. I went for plaintext because it seemed to simplify the API on the client side, but maybe it's best to count the whole record size, and let the client worry about not doing some silly splitting or padding. I'll update the PR.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls