IETF Logo Mail Archive

[TLS] Re: WG Last Call: draft-ietf-tls-super-jumbo-record-limit-02 (Ends 2025-11-25)

Eric Rescorla <ekr@rtfm.com> Mon, 24 November 2025 14:56 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id BF8EE8F86E92 for <tls@mail2.ietf.org>; Mon, 24 Nov 2025 06:56:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AoWhhw1MjObE for <tls@mail2.ietf.org>; Mon, 24 Nov 2025 06:56:18 -0800 (PST)
Received: from mail-yx1-xb12b.google.com (mail-yx1-xb12b.google.com [IPv6:2607:f8b0:4864:20::b12b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id F2A248F86E8B for <tls@ietf.org>; Mon, 24 Nov 2025 06:56:17 -0800 (PST)
Received: by mail-yx1-xb12b.google.com with SMTP id 956f58d0204a3-642fcb9c16aso3199664d50.1 for <tls@ietf.org>; Mon, 24 Nov 2025 06:56:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1763996171; x=1764600971; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=58MPTr8Ut4SEyj+wWjErRRYjj89CBEJPvACiwnvam5o=; b=1Waggx3ILCzzBup0X+cgSdzbomDx8yhEdmsb2AIRmbZ0XPTrmFMqSSifdKEHB/5h3l KnhQm63hv+2Fjv794or1MMkSrknYs2k5F6SPb13xPaliOSDJBm2WHoxQIMdMN6FSpdBG aa178GIpKuxyKID2sPlVX00Fnt9+CXCFUno0+xZw9Xmi64v9DxwiC5bs0mbAzxV0m4ss KKwgtinlOwe2UP/Pyx2P1oC/azUbM9r6H/vxd8WpuGRzng9rMLKm9KXKK5pg0A9pzoYv tHzapycoxxsZ6hXx3JU51iVNdKuehz9Q4yXS1JUQXMquzTUHVJFoL/Zf1jPCO+U2TKxs v7Gw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763996171; x=1764600971; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=58MPTr8Ut4SEyj+wWjErRRYjj89CBEJPvACiwnvam5o=; b=Jhdxh8S/6zuKzWfh/jZ7Qe7Mq5d5tDAFaQ9AyW9quzRGQUHQI5p32irQT0ol+tOcnP jvvWlMuFDUIG89k7ODvB/AI0TLJSOgUdt6qzui/oEy1/ucI5Sm/0bMPN/OSZDtSe0zHb yp+9IB0+UMlbrwBNvpnMPwVJ5V6eAY/JJzHk06fLNjVqdoRu+MchIIghYl7ZjZ54JRND CHz+cCMUFKGVL7EjJfCIcc2p272BVYGQgEW+K9Ofw83pFEtQ765scUXCTxpZD4v52Ir5 GvFs4AHBgnAnjJxAZ5sDe++PvU9Q59UxUykpIXoJP9OH3q9wX3hZc3tf1lDy5qBVjqho kDiw==
X-Gm-Message-State: AOJu0YyTXcNrdOBAzq0E2EOUpTlvOqlvG4T0J4ZJWSCNje93rCtN0Pfe CwpJ88PcZwf+VavQoVDyfy6o07n24LsWLeU2CtkNxmEV0p8ofLxfZpsY0FYuAfiaA7wchY0b//9 6uDUohq6StpinH7ofU6S7XluoWdq9B3GQRB9FXmpR4yaSqC/qM1WuryE=
X-Gm-Gg: ASbGncs5Pl33EtmRW7ZxZ53o7ypOln4BBv7Or1K5PAoanJ2Y25PiEhNUwME794UOBPP Z2d4iJniHNYEudz7wF3FEMhUV+a7JJmjuXlL3It8Z9GzEeBGLz+7VU6PUYbO2wDGzd8i9TI532i 5C9T7VaCkodE1Jmddit5WtVj+pP63Q8VEQNAmZSiclycTVO3C1/FFC4+63poW7lT7RJBVmws1yf rEKw9p+VEemgPAArFGXN7fmu8Aa5b2pXI7s4SqMqIG9XEY6q51Q+Tsyo1phrcuzkMyEfEtjXl8X osqGq3yUyye3kMB+poRVytUbHFq4PlMHc3M5uRfTHGxo27rPO1gpxp6Fds/qyePCHY/nZW0z7YL Q6U3o0i2HDQ==
X-Google-Smtp-Source: AGHT+IFnhAceV5JNisF24z1HVdYxEsMIuOSnhrg71N+1+x/coDHRdzbQC+njVU2LosoGeNMR2Pjs7V056ebbH0MxF/o=
X-Received: by 2002:a05:690c:63c7:b0:786:a892:8a13 with SMTP id 00721157ae682-78a8b569f53mr174795807b3.61.1763996171258; Mon, 24 Nov 2025 06:56:11 -0800 (PST)
MIME-Version: 1.0
References: <176226814185.517610.18328497166055791127@dt-datatracker-5df8666cb-7l4w5> <633F1422-C1F4-4600-A4C4-57F0233E4ECD@sn3rd.com> <5B8B6AD9-C0BE-4044-B426-375AB5F00FF0@sn3rd.com> <C1DCBA36-370C-48E9-B33B-CAF88784AC7A@sn3rd.com>
In-Reply-To: <C1DCBA36-370C-48E9-B33B-CAF88784AC7A@sn3rd.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 24 Nov 2025 06:55:34 -0800
X-Gm-Features: AWmQ_bmgjlOOr8cguRxqCVnf0n_m12_PSW6j0ewE40wyEUi3FcaJJ7UNELvd1us
Message-ID: <CABcZeBMK=6uBLJoVQ1Bi+VBJGy4eDY8MDYq7jOPGKnSmu7C1fw@mail.gmail.com>
To: Sean Turner <sean@sn3rd.com>
Content-Type: multipart/alternative; boundary="0000000000002c59dd0644585df5"
Message-ID-Hash: JAMDMVYFTZZA3NQLAISI3YZ77F6HWTU6
X-Message-ID-Hash: JAMDMVYFTZZA3NQLAISI3YZ77F6HWTU6
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: TLS List <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Last Call: draft-ietf-tls-super-jumbo-record-limit-02 (Ends 2025-11-25)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/FP0SMRQAQIG_cQO5zGhUiwhgsu4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

This document looks basically good. I have some comments below. I
believe at least the first comments hould be addressed before this
document advances.


S 3.
   The large record size limit only applies to records sent toward the
   endpoint that advertises the limit.  An endpoint can send records
   that are larger than the limit it advertises as its own limit.  A TLS
   endpoint that receives a record larger than its advertised limit MUST
   generate a fatal "record_overflow" alert; a DTLS endpoint that
   receives a record larger than its advertised limit MAY either
   generate a fatal "record_overflow" alert or discard the record.

Is there a reason to allow a DTLS endpoint to generate an alert in
this case? This seems like it creates an easy DoS attack on the
connection. At least, I think we should recommend it discard the
record.


   Unprotected messages and records protected with early_traffic_secret
   or handshake_traffic_secret are not subject to the large record size
   limit.


I think this wants to say "are subject to the usual record limit",
correct? They're not unlimited.

   The "large_record_size_limit" extension is not compatible with
   middleboxes expecting TLS 1.2 records and SHOULD NOT be negotiated
   where such middleboxes are expected.  A server MUST NOT send
   extension responses to more than one of "large_record_size_limit",
   "record_size_limit", and "max_fragment_length".  A client MUST treat
   receipt of more than one of "large_record_size_limit",
   "record_size_limit", and "max_fragment_length" as a fatal error, and
   it SHOULD generate an "illegal_parameter" alert.

Do we want to provide some guidance for which one to use?




S 4.
   TLS 1.3 [RFC8446bis] and DTLS 1.3 [RFC9147] limits the number of
   full-size records that may be encrypted under a given set of keys.
   Increasing the maximum record size to more than 2^14 + 256 bytes
   while keeping the same confidentiality and integrity advantage per
   write key therefore requires lower AEAD limits.  When the
   "large_record_size" has been negotiated record size limit larger than

Nit: "negotiated with a record size limit"


On Mon, Nov 24, 2025 at 6:21 AM Sean Turner <sean@sn3rd.com> wrote:

> A final reminder that this WGLC ends tomorrow.
>
> spt
>
> > On Nov 20, 2025, at 11:00, Sean Turner <sean@sn3rd.com> wrote:
> >
> > Another reminder that this is still on-going.
> >
> > spt
> >
> >> On Nov 13, 2025, at 19:25, Sean Turner <sean@sn3rd.com> wrote:
> >>
> >> Just a reminder that this is still on-going.
> >>
> >> spt
> >>
> >>> On Nov 4, 2025, at 23:55, Sean Turner via Datatracker <
> noreply@ietf.org> wrote:
> >>>
> >>>
> >>> Subject: WG Last Call: draft-ietf-tls-super-jumbo-record-limit-02 (Ends
> >>> 2025-11-25)
> >>>
> >>> This message starts a 3-week WG Last Call for this document.
> >>>
> >>> Abstract:
> >>> TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to
> >>> 2^14 + 1 bytes, which includes one byte for the content type.
> >>> Records also have a 3-byte overhead due to the fixed opaque_type and
> >>> legacy_record_version fields.  This document defines a TLS extension
> >>> that allows endpoints to negotiate a larger maximum inner plaintext
> >>> size, up to 2^30 - 256 bytes, while reducing overhead.
> >>>
> >>> File can be retrieved from:
> >>>
> https://datatracker.ietf.org/doc/draft-ietf-tls-super-jumbo-record-limit/
> >>>
> >>> Please review and indicate your support or objection to proceed with
> the
> >>> publication of this document by replying to this email keeping
> tls@ietf.org
> >>> in copy. Objections should be motivated and suggestions to resolve
> them are
> >>> highly appreciated.
> >>>
> >>> Authors, and WG participants in general, are reminded again of the
> >>> Intellectual Property Rights (IPR) disclosure obligations described in
> BCP 79
> >>> [1]. Appropriate IPR disclosures required for full conformance with the
> >>> provisions of BCP 78 [1] and BCP 79 [2] must be filed, if you are
> aware of
> >>> any. Sanctions available for application to violators of IETF IPR
> Policy can
> >>> be found at [3].
> >>>
> >>> Thank you.
> >>>
> >>> [1] https://datatracker.ietf.org/doc/bcp78/
> >>> [2] https://datatracker.ietf.org/doc/bcp79/
> >>> [3] https://datatracker.ietf.org/doc/rfc6701/
> >>>
> >>>
> >>>
> >>
> >
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>

v2.37.1 | Report a Bug | By Email | System Status