On Sat, Feb 23, 2008 at 10:44:15AM +0100, Dominik Herrmann wrote: > Hi all, > > the TLS spec allows for padding TLS record messages with random length > (up to 256 bytes) which helps to disguise the actual length of messages. > > I wondered if this has been implemented in openssl yet, but apparently > not yet. [...] > The line /* Add weird padding of upto 256 bytes */ suggests that there > are plans to implement the random length padding. The line has been in > the code since a while, though... > > Are there any technical reasons why you haven't implemented it so far?
GNU TLS does implement this. There are known problems with symbian-based mobile devices that don't handle it. If someone wants to implement this, please atleast have an option to turn it off. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]