Re: [TLS] TLS Record Size Limitation

Dave Garrett <> Tue, 08 December 2015 08:50 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 71E0B1A90A6 for <>; Tue, 8 Dec 2015 00:50:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id FDlGJx6atkfw for <>; Tue, 8 Dec 2015 00:50:02 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400d:c04::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 79CE11A90A2 for <>; Tue, 8 Dec 2015 00:50:02 -0800 (PST)
Received: by qgea14 with SMTP id a14so10484604qge.0 for <>; Tue, 08 Dec 2015 00:50:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=RldAzaoFE6ucjL6RqEfkV9j047UOUIEgHy6k5OCcNbE=; b=0nNxenNjid6SvOAih0oi3+mswYQAY3CjANdRrUfD81O7r0pOpqJkZSWJ4whyY05fFZ ak7UZnpd6kygKBA553RA7DU19gak5z5aGBagpYF9cAQ91Q8hVAxYWNcW1awcL8r57EVG uz7Sl/7Il1x0j3B50Z9K39G0k1MCTr4BbMqvJaWtaHVw6jKmHpQYxpzq7uwjkyJnC1CM bcfVXzLPXR2A5KZBzSCnjzuOX9rHdUqD8pwF/8Kw9nBzK94fKIcwfIY5Rae9pzHUI5hP W7qz76FJF5XJPuOgBF9hqVOKVOOveBTRu+cy2ZTFKn+kahHgB3rpZxqlZwMdSTmkoMYw miZA==
X-Received: by with SMTP id 91mr3041958qgx.78.1449564601519; Tue, 08 Dec 2015 00:50:01 -0800 (PST)
Received: from dave-laptop.localnet ( []) by with ESMTPSA id f7sm1086898qkb.7.2015. (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 08 Dec 2015 00:50:00 -0800 (PST)
From: Dave Garrett <>
To: Software Engineer 979 <>
Date: Tue, 8 Dec 2015 03:49:59 -0500
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <>
In-Reply-To: <>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <>
Archived-At: <>
Subject: Re: [TLS] TLS Record Size Limitation
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 08 Dec 2015 08:50:04 -0000

On Monday, December 07, 2015 04:00:54 pm Software Engineer 979 wrote:
> Hello,
> I'm currently developing an data transfer application using OpenSSL. The
> application is required to securely transfer large amounts of data over a
> low latency/high bandwidth network. The data being transferred lives in a
> 3rd part application that uses 1 MB buffer to transfer data to my
> application. When I hook OpenSSL into my application I notice an
> appreciable decline in network throughput. I've traced the issue the
> default TLS record size of 16K. The smaller record size causes the 3rd
> party application's buffer to be segmented into 4 16K buffers per write and
> the resulting overhead considerably slows things down. I've since modified
> the version of OpenSSL that I'm using to support an arbitrary TLS record
> size allowing OpenSSL to scale up to 1MB or larger TLS record size. Since
> this change, my network throughput has dramatically increased (187%
> degradation down to 33%).
> I subsequently checked the TLS RFC to determine why a 16K record size was
> being used, and all could find was the following:
> length
>       The length (in bytes) of the following TLSCompressed.fragment.
>       The length MUST NOT exceed 2^14 + 1024.
> The language here is pretty explicit stating that the length must not
> exceed 16K (+ some change).Does anyone know the reason for this? Is there a
> cryptographic reason why we shouldn't exceed this message size? Based on my
> limited experiment, it would appear that a larger record size would benefit
> low latency/high bandwidth networks.

Well, the length field is 16-bit, so 2^16 is the hard upper limit for record format compatibility. (I don't personally know why it's less than that here, offhand) A TLS extension to negotiate max length might be viable. The handshake would have to keep to the old limits for backwards compatibility, but after that records could use a larger field (or add a multiplier to use 16-bit to cover larger sizes with padding as-needed).