On Fri, Sep 25, 2015 at 04:23:27PM +0000, Hubert Kario via RT wrote:
> 
> Given that TLSv1.3 has a 1RTT mode planned (so Client Key Exchange ends 
> up as an extension, possibly multiple ones), and that quantum computing 
> resistant algorithms usually require fairly large key sizes (large 
> enough that protocol limitations themselves are problematic), we may see 
> Client Hellos larger than 16k in the not so far future.

Since we don't actually know how things are going to change in the
future and that they can change the maximum size of a Client
Hello, it makes sense to me to not enforce a limit for the Client
Hello message just because that's what the current version only
supports.  For all other messages we should be able to tell what
the maximum size is.


Kurt

_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
