> On Dec 30, 2017, at 12:38 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
>
> I think your idea in general is a good one, standards should include sanity
> limits on what you should and shouldn't accept (I've managed to cause crashes
> and reboots and whatnot on different servers by sending valid but unexpected
> data during development, SSH makes this particularly easy), but in cases like
> this it's hard to determine at which point you should and shouldn't accept the
> traffic.
Excessive padding aside, the traffic described could be largely normal,
for example an SSL-encrypted channel carrying user keystrokes...
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
