Hello, I agree with stephane that we can't prevent covert channels. I will do a revised draft with what I think is the rough concensus of the WG regarding non-zero padding over the next few days.
Alex ---- Paul Wouters schrieb ---- >On Wed, 18 Nov 2015, Daniel Kahn Gillmor wrote: > >> So i think that we should still say that a packet sender MUST pad with >> all-zeros for this draft, even though a recipient MUST NOT reject a >> query or response just because it a non-zero octet in its padding. >> >> In addition to compatibility with future versions, we don't want to >> encourage another heartbleed where uninitialized memory goes out on the >> wire. And we don't want to encourage people to leak big chunks of their >> raw CSPRNG output to their correspondent. > >+1 > >Paul > >_______________________________________________ >dns-privacy mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/dns-privacy
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
