Re: [TLS] RFC 6066 - Max fragment length negotiation

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 18 March 2017 07:38 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
CC: Martin Thomson <martin.thomson@gmail.com>, "tls@ietf.org" <tls@ietf.org>
Date: Sat, 18 Mar 2017 07:38:19 +0000
Message-ID: <1489822688947.65295@cs.auckland.ac.nz>
References: <1489707933992.42551@cs.auckland.ac.nz> <CABkgnnVRZBwXHZ6w=gX9pykNpXp80OLP1pe-VMg-uO-C6O8yEQ@mail.gmail.com> <1489710142144.88978@cs.auckland.ac.nz> <CABkgnnXiB5ksGbbPqDP3D=FVdQu9ht0vD8-T-5HTaEKQQE4+9w@mail.gmail.com> <1489721710740.52293@cs.auckland.ac.nz> <CABkgnnWq_5e8TJgJV+okqi6vo-_5=811pOZRtUCp0TD07SmNoQ@mail.gmail.com> <CABkgnnW=Pz+6M8UYoB+MTY8rQp9vsHyh6aqiSb3EbTT_BdWokA@mail.gmail.com> <1489747107536.25854@cs.auckland.ac.nz> <CABkgnnUqHvc6zOL1SYP8FwBcF7SeMnnT-PJOwhMB1qqeDAcp9w@mail.gmail.com> <1489749662616.94542@cs.auckland.ac.nz>, <20170317134014.GA26550@LK-Perkele-V2.elisa-laajakaista.fi>
In-Reply-To: <20170317134014.GA26550@LK-Perkele-V2.elisa-laajakaista.fi>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/rQWwpvSAZF6Yyz5km2kLPMDhm78>

Ilari Liusvaara <ilariliusvaara@welho.com> writes:

>In fact, in TLS 1.3, all messages except Certificate ones are likely to be
>under 2k (or 1k).

OK, in that case make the max message size 1K, or 512 bytes, or whatever you
need.

Also, TLS 1.3 as it currently stands, in a pre-standard draft, may have
messages under 2K or whatever, but so did SSL in its day.  Give it time and
it'll be bloated up with 200 extensions and 500 cipher suites just like TLS
is.

Peter.
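As an added example (not part of the thread or any implementation discussed in it), this is how the sizes being argued about map onto the RFC 6066 max_fragment_length extension: code 1 is 2^9 (512 bytes), 2 is 2^10 (1K), 3 is 2^11 (2K), 4 is 2^12; anything else must be rejected with illegal_parameter, and a server may only echo the value the client asked for. The message lengths used are constructed sample values.

```python
# Added example: RFC 6066 max_fragment_length encoding, validation and the
# effect of a negotiated size on how many records a handshake message needs.
import struct

EXT_MAX_FRAGMENT_LENGTH = 1          # extension type registered by RFC 6066
# RFC 6066 section 4: enum { 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255) }
MFL_CODES = {1: 512, 2: 1024, 3: 2048, 4: 4096}
DEFAULT_FRAGMENT = 2 ** 14           # TLS record plaintext limit when nothing is negotiated


def encode_max_fragment_length(code: int) -> bytes:
    """Build the extension body: type(2) || length(2) || one-byte code."""
    if code not in MFL_CODES:
        raise ValueError("unknown MaxFragmentLength code %d" % code)
    return struct.pack("!HHB", EXT_MAX_FRAGMENT_LENGTH, 1, code)


def parse_max_fragment_length(ext: bytes) -> int:
    """Return the fragment size in bytes carried by a max_fragment_length extension.

    RFC 6066 requires an illegal_parameter alert for any code outside 1..4;
    that alert is modelled here as a ValueError so the caller can abort.
    """
    if len(ext) != 5:
        raise ValueError("malformed extension: expected 5 bytes, got %d" % len(ext))
    ext_type, ext_len, code = struct.unpack("!HHB", ext)
    if ext_type != EXT_MAX_FRAGMENT_LENGTH or ext_len != 1:
        raise ValueError("not a well-formed max_fragment_length extension")
    if code not in MFL_CODES:
        raise ValueError("illegal_parameter: MaxFragmentLength code %d" % code)
    return MFL_CODES[code]


def negotiated_fragment_size(client_ext: bytes, server_ext: bytes) -> int:
    """Client-side check: the server must echo exactly the requested value.

    A server that answers with a different (even valid) code is also an
    illegal_parameter case under RFC 6066.
    """
    requested = parse_max_fragment_length(client_ext)
    offered = parse_max_fragment_length(server_ext)
    if offered != requested:
        raise ValueError("illegal_parameter: server changed %d to %d" % (requested, offered))
    return requested


def fragments_needed(message_len: int, fragment_size: int) -> int:
    """Number of TLS records a handshake message of message_len bytes occupies."""
    return -(-message_len // fragment_size)   # ceiling division
```

With a constructed 1500-byte Certificate message, a 512-byte negotiated size splits it across three records while 2K carries it in one, which is the trade-off the thread is discussing.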