On Mon, Oct 21, 2019 at 9:45 AM Eric Rescorla <e...@rtfm.com> wrote:

> On Mon, Oct 21, 2019 at 7:56 AM Rob Sayre <say...@gmail.com> wrote:
>
>> Sorry if I'm being dense here. Couldn't "zeros" have a length? Maybe you
>> just mean it would be superfluous.
>
> Yes, that is what I mean.

OK. To be clear, I understand why there is padding in the spec. I don't understand three aspects:

1) Where did the number 260 come from? It also seems to conflict with the "multiples of 16" advice in the previous sentence.

2) Why does the server set the padding amount? If clients were allowed to vary it with different amounts of zeros, wouldn't that be more anonymous?

3) Why is the length of "zeros" implicit rather than explicit? Is it to save a few bytes, or is there a deeper reason?

None of this stuff signals a flaw in the draft from an interoperability perspective--I was able to follow it as a non-expert in TLS and get things working. But I still have questions about why things are specified this way.

thanks,
Rob

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls