[TLS] Multiple records in record limit (was: Secdir review)

Martin Thomson <martin.thomson@gmail.com> Mon, 26 February 2018 01:39 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 26 Feb 2018 12:39:02 +1100
Message-ID: <CABkgnnX_RpLXVLw+hFrOQJDQkFO9Gjz9Qc2intv7ECgcowNLVg@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Cc: Alan DeKok <aland@deployingradius.com>, Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Fypm3E5KTh052Kl6UmYVhQDiL64>
Subject: [TLS] Multiple records in record limit (was: Secdir review)

Out of the secdir review (thanks again Alan!), I realized that the
draft never actually said this:

   PMTU governs the size of UDP datagrams, which limits the size of records, but
   does not prevent records from being smaller.  An endpoint that sends small
   records is still able to send multiple records in a single UDP datagram.

I think that I should add that explanation.

Does anyone think that this should go further and advise against
putting multiple records in the same datagram?
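As an added illustration of the point quoted from the draft (this is example code written for this page, not code from the draft, from the mailing list discussion, or from any DTLS implementation), the following Python packs several DTLS records into one constructed UDP datagram and then walks that datagram on the receiving side, checking each record against a record_size_limit independently of the PMTU bound on the datagram as a whole. The example assumes the 13-byte DTLS 1.2 record header layout (type, version, epoch, 48-bit sequence number, length) and treats each record's length field as its plaintext length, which holds for unprotected epoch-0 records; for protected records a receiver would subtract the cipher's expansion before comparing against the limit.

```python
import struct
from dataclasses import dataclass
from typing import List, Tuple

# Assumed DTLS 1.2 constants (not taken from the draft text above).
DTLS12_VERSION = 0xFEFD
HEADER_LEN = 13  # type(1) + version(2) + epoch(2) + sequence(6) + length(2)


@dataclass
class Record:
    content_type: int
    version: int
    epoch: int
    sequence_number: int
    fragment: bytes


def build_record(content_type: int, epoch: int, seq: int, fragment: bytes) -> bytes:
    """Serialise one DTLS 1.2 record: 13-byte header followed by the fragment."""
    header = (
        struct.pack("!BHH", content_type, DTLS12_VERSION, epoch)
        + seq.to_bytes(6, "big")
        + struct.pack("!H", len(fragment))
    )
    return header + fragment


def build_datagram(records: List[Tuple[int, int, int, bytes]], pmtu: int) -> bytes:
    """Concatenate records into a single UDP payload.

    PMTU bounds the datagram, and therefore any single record in it, but it
    says nothing about how many smaller records may share the datagram.
    """
    payload = b"".join(build_record(*r) for r in records)
    if len(payload) > pmtu:
        raise ValueError(f"datagram of {len(payload)} bytes exceeds PMTU {pmtu}")
    return payload


def parse_datagram(datagram: bytes, record_size_limit: int) -> List[Record]:
    """Walk every record in a datagram, enforcing record_size_limit per record.

    The limit is applied to each record's own length, not to the datagram, so
    a datagram well under PMTU can still carry a record that must be rejected,
    and a datagram can legitimately carry many records that each fit.
    """
    records: List[Record] = []
    offset = 0
    while offset < len(datagram):
        if len(datagram) - offset < HEADER_LEN:
            raise ValueError("truncated record header")
        content_type, version, epoch = struct.unpack_from("!BHH", datagram, offset)
        seq = int.from_bytes(datagram[offset + 5 : offset + 11], "big")
        (length,) = struct.unpack_from("!H", datagram, offset + 11)
        if length > record_size_limit:
            raise ValueError(
                f"record of {length} bytes exceeds record_size_limit {record_size_limit}"
            )
        start = offset + HEADER_LEN
        end = start + length
        if end > len(datagram):
            raise ValueError("truncated record fragment")
        records.append(Record(content_type, version, epoch, seq, datagram[start:end]))
        offset = end
    return records


def max_records_per_datagram(pmtu: int, record_size_limit: int) -> int:
    """How many records of the largest permitted size fit in one datagram."""
    return pmtu // (HEADER_LEN + record_size_limit)


if __name__ == "__main__":
    # Constructed sample: four 200-byte application_data (23) records in one
    # datagram under a 1200-byte PMTU, received with a 256-byte record limit.
    sample = [(23, 1, i, bytes([i]) * 200) for i in range(4)]
    datagram = build_datagram(sample, pmtu=1200)
    for rec in parse_datagram(datagram, record_size_limit=256):
        print(f"epoch={rec.epoch} seq={rec.sequence_number} len={len(rec.fragment)}")
    print("max full-size records per datagram:", max_records_per_datagram(1200, 256))
```

Running the block shows the receiver accepting all four records from a single 852-byte datagram; swapping the sample for one 600-byte record, which still fits the PMTU, makes `parse_datagram` reject it because the per-record limit, not the datagram size, is what the extension negotiates.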