On 04/07/2017 12:25 PM, Nico Williams wrote:
> On Fri, Apr 07, 2017 at 12:05:42PM -0500, Benjamin Kaduk wrote:
>> One simple and easy option is to have a new extension to indicate the
>> maximum consecutive padding that will be accepted by an endpoint, and
>> abort the connection if too much padding is received in a row without
>> any non-padding content. But that might be too complicated, and we
>> could just note that implementations may get grumpy if they see too much
>> padding and abort the connection; peers are basically allowed to abort
>> the connection at will already, so it's not really a new thing.
> Or, you know, just close the connection. Give them a fatal record to
> tell them why. No need to tell them up front how much naughtiness you'll
> allow.

Right. But it might be worth adding to the list of things to check
about your implementation in Appendix <mumble>.

-Ben
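
An added example, not part of the thread or of any TLS implementation: a receiver-side version of the check discussed above, which counts consecutive decrypted records that carry padding but no content and aborts once a local limit is exceeded. The limit value, the names used, and counting in records rather than padding bytes are assumptions; which fatal alert to send is left to the caller.

```python
CT_APPLICATION_DATA = 23
MAX_PADDING_ONLY_RUN = 8  # assumed local policy, not a value from the thread

# Constructed sample input: decrypted inner plaintexts, not captured traffic.
PAD_ONLY = bytes([CT_APPLICATION_DATA]) + b"\x00" * 32
DATA = b"hello" + bytes([CT_APPLICATION_DATA]) + b"\x00" * 11

class AbortConnection(Exception):
    """The caller should send a fatal alert and close the connection."""

def split_inner_plaintext(inner: bytes):
    """Split content || type || zero padding into (type, content, pad_len)."""
    end = len(inner)
    while end > 0 and inner[end - 1] == 0:  # padding is stripped from the end
        end -= 1
    if end == 0:  # all zeros: there is no content type octet at all
        raise AbortConnection("no content type in record")
    return inner[end - 1], inner[:end - 1], len(inner) - end

class PaddingGuard:
    """Tracks how many padding-only records have arrived in a row."""

    def __init__(self, limit=MAX_PADDING_ONLY_RUN):
        self.limit = limit
        self.run = 0

    def accept(self, inner: bytes):
        ctype, content, _pad_len = split_inner_plaintext(inner)
        if content:
            self.run = 0  # any real content resets the run
        else:
            self.run += 1
            if self.run > self.limit:
                raise AbortConnection("too many padding-only records in a row")
        return ctype, content

def deliver(records, limit=MAX_PADDING_ONLY_RUN):
    """Run records through the guard; return (payloads, abort_reason)."""
    guard, payloads = PaddingGuard(limit), []
    for inner in records:
        try:
            _ctype, content = guard.accept(inner)
        except AbortConnection as exc:
            return payloads, str(exc)
        if content:
            payloads.append(content)
    return payloads, None
```
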
