In offline discussion I was convinced that a bigger change might be needed. The shifting is cute, but we might be able to do better.
This won't be wire compatible with the existing protocol, so maybe just embrace that and change the record header. This would happen when switching from handshake protection to application data protection. We can drop the version and content type and reclaim some of the savings for a longer length field.

On Wed, Mar 20, 2024, at 13:42, John Mattsson wrote:
> Hi,
>
> My summary from the TLS WG session yesterday:
>
> - Let’s adopt and figure out the final details later.
> - Show performance data.
> - Should be new extension, i.e., not used together with "record size limit".
> - The new extension should redefine the meaning of the uint16 length field in the TLSCiphertext to allow records larger than 2^16 bytes.
>
> Simple suggestion:
>
> In the new extension the client and server negotiate a uint8 value n. Client suggests a value n_max. Server selects n where 0 <= n <= n_max or rejects the extension. Agreeing on a value n means:
>
> - The length field in the record means 2^n * length bytes instead of length bytes. I.e., left shifted similar to the TCP window scale option.
> - The client and server are willing to receive records of size 2^n * (2^16 - 1) bytes.
> - Up to 2^n - 1 bytes of padding might be required.
> - AEAD limits are reduced with a factor 2^(n+2).
>
> Thought?
>
> Cheers,
> John Preuß Mattsson
>
> *From: *internet-dra...@ietf.org <internet-dra...@ietf.org>
> *Date: *Tuesday, 5 March 2024 at 06:16
> *To: *John Mattsson <john.matts...@ericsson.com>, Michael Tüxen <tue...@fh-muenster.de>, Hannes Tschofenig <hannes.tschofe...@gmx.net>, Hannes Tschofenig <hannes.tschofe...@gmx.net>, John Mattsson <john.matts...@ericsson.com>, Michael Tuexen <tue...@fh-muenster.de>
> *Subject: *New Version Notification for draft-mattsson-tls-super-jumbo-record-limit-02.txt
>
> A new version of Internet-Draft draft-mattsson-tls-super-jumbo-record-limit-02.txt has been successfully submitted by John Preuß Mattsson and posted to the IETF repository.
>
> Name:     draft-mattsson-tls-super-jumbo-record-limit
> Revision: 02
> Title:    Large Record Sizes for TLS and DTLS
> Date:     2024-03-04
> Group:    Individual Submission
> Pages:    6
> URL:      https://www.ietf.org/archive/id/draft-mattsson-tls-super-jumbo-record-limit-02.txt
> Status:   https://datatracker.ietf.org/doc/draft-mattsson-tls-super-jumbo-record-limit/
> HTML:     https://www.ietf.org/archive/id/draft-mattsson-tls-super-jumbo-record-limit-02.html
> HTMLized: https://datatracker.ietf.org/doc/html/draft-mattsson-tls-super-jumbo-record-limit
> Diff:     https://author-tools.ietf.org/iddiff?url2=draft-mattsson-tls-super-jumbo-record-limit-02
>
> Abstract:
>
> RFC 8449 defines a record size limit extension for TLS and DTLS allowing endpoints to negotiate a record size limit smaller than the protocol-defined maximum record size, which is around 2^14 bytes. This document specifies a TLS flag extension to be used in combination with the record size limit extension allowing endpoints to use a record size limit larger than the protocol-defined maximum record size, but not more than about 2^16 bytes.
>
> The IETF Secretariat
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
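A worked model of the length scaling in the quoted proposal (negotiated n, 2^n-scaled uint16 length field, padding to a multiple of 2^n, receive-side bound of 2^n * (2^16 - 1) bytes, AEAD limit divided by 2^(n+2)), added here as an example; it is not code from the thread or the draft, and the function names and the receiver's buffer_cap parameter are assumptions made for the illustration.

```python
# Added example modelling the quoted proposal: the uint16 length field of a
# record is scaled by 2^n, where n is negotiated (client offers n_max, server
# picks 0 <= n <= n_max or rejects). Function names and the buffer_cap
# parameter are assumptions for this illustration, not text from the draft.

MAX_U16 = 2**16 - 1  # largest value the unscaled uint16 length field can carry


def server_select(n_max: int, n_preferred: int):
    """Server side of the negotiation: pick the largest n it wants that the
    client also accepts, or None to reject the extension entirely."""
    if not (0 <= n_max <= 255):
        return None  # n is a uint8; anything else is a malformed offer
    if n_preferred < 0:
        return None
    return min(n_max, n_preferred)


def max_record_size(n: int) -> int:
    """Bytes an endpoint that agreed on n must be willing to receive."""
    return (1 << n) * MAX_U16


def encode_length(record_len: int, n: int) -> tuple:
    """Return (length field value, padding bytes) for a record of record_len
    bytes. The record is padded up to a multiple of 2^n, so at most 2^n - 1
    padding bytes are added; the field is the padded length >> n."""
    unit = 1 << n
    padding = (-record_len) % unit
    field = (record_len + padding) >> n
    if field > MAX_U16:
        raise ValueError("record exceeds negotiated maximum")
    return field, padding


def decode_length(field: int, n: int, buffer_cap: int) -> int:
    """Receiver side: recover the byte length from the scaled field and refuse
    anything above the buffer the receiver actually allocated (normally
    max_record_size(n)). The check matters because the field on the wire can
    carry 0xFFFF no matter what n was negotiated."""
    if not (0 <= field <= MAX_U16):
        raise ValueError("length field out of range")
    length = field << n
    if length > buffer_cap:
        raise ValueError("record larger than receive buffer")
    return length


def aead_record_limit(base_limit: int, n: int) -> int:
    """Per the quoted message, AEAD usage limits shrink by a factor 2^(n+2)."""
    return base_limit // (1 << (n + 2))
```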