On Fri, Feb 10, 2017 at 12:44 PM, Victor Vasiliev <vasi...@google.com>
wrote:

> On Fri, Feb 10, 2017 at 3:39 PM, Eric Rescorla <e...@rtfm.com> wrote:
>
>> I agree that the specification doesn't explicitly say this, but
>> it's implicit in the processing rules via the following:
>>
>
> We do at least explicitly promise those properties in Section E.2:
>
> Order protection/non-replayability
> : An attacker should not be able to cause the receiver to accept a
> record which it has already accepted or cause the receiver to accept
> record N+1 without having first processed record N.
>
>
Good point, so if the processing rules don't in fact enforce that, we
should make them do so (I think they do for the reasons I indicated
earlier).

-Ekr


>   -- Victor.
>
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
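
An added illustration (not part of the original thread, and not code from any TLS implementation) of how a receiver that binds an implicit per-record sequence number into record authentication obtains the two properties quoted from Section E.2. It assumes the TLS 1.3 per-record nonce construction (sequence number XORed into the IV) and substitutes an HMAC tag for the AEAD; all class and function names and the key material are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output; stands in for the AEAD tag (assumption)

def record_nonce(iv: bytes, seq: int) -> bytes:
    # Sequence number left-padded to the IV length, then XORed with the IV.
    padded = seq.to_bytes(len(iv), "big")
    return bytes(a ^ b for a, b in zip(iv, padded))

def record_tag(key: bytes, iv: bytes, seq: int, payload: bytes) -> bytes:
    return hmac.new(key, record_nonce(iv, seq) + payload, hashlib.sha256).digest()

class Sender:
    def __init__(self, key: bytes, iv: bytes):
        self.key, self.iv, self.seq = key, iv, 0

    def protect(self, payload: bytes) -> bytes:
        # The sequence number is never sent; it only influences the tag.
        record = payload + record_tag(self.key, self.iv, self.seq, payload)
        self.seq += 1
        return record

class Receiver:
    def __init__(self, key: bytes, iv: bytes):
        self.key, self.iv, self.seq = key, iv, 0

    def accept(self, record: bytes):
        payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = record_tag(self.key, self.iv, self.seq, payload)
        if not hmac.compare_digest(tag, expected):
            # A real TLS endpoint treats this as fatal and closes the
            # connection; here we return None so the demo can continue.
            return None
        self.seq += 1  # advance only after a record is accepted
        return payload

def demo() -> dict:
    key, iv = b"k" * 32, b"i" * 12  # constructed sample key material
    tx, rx = Sender(key, iv), Receiver(key, iv)
    r0, r1, r2 = (tx.protect(m) for m in (b"rec0", b"rec1", b"rec2"))
    return {
        "in_order": rx.accept(r0),  # record 0 arrives first: accepted
        "replay": rx.accept(r0),    # record 0 again: receiver expects seq 1
        "skip": rx.accept(r2),      # record 2 before record 1: rejected
        "next": rx.accept(r1),      # record 1 in its proper place: accepted
    }
```
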
