On Friday, November 20, 2015 8:48 AM, Visweswaran, Gowri wrote:
>
> Re Stephen's comment: In the choice between zero and random padding I'm
> almost entirely in the "meh, just pick one and move on" camp, but if forced to
> would side with putting in random crap and not zeros. I do think requiring
> checking of zeros on the receiver would be wrong.
>
> Rather than picking either zero or random, should we allow support for both
> alternatives?

Yes. I agree with Stephane's and Warren's analyses that trying to prevent covert channels is futile. Let's keep it simple. I am also reluctant to mandate randomness because this can be a very deep rabbit hole, and is not needed if the local TLS stack does not do compression.

What about SHOULD send zeroes, MAY send random, MUST NOT look at the received padding?

-- Christian Huitema
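
The rule proposed in the message above (SHOULD send zeroes, MAY send random, MUST NOT look at the received padding), sketched as an added example that is not part of the thread or of any implementation's code. The function names are hypothetical; the option code 12 is the EDNS(0) Padding code from RFC 7830, which the thread itself does not quote.

```python
import os
import struct

EDNS_PADDING = 12  # EDNS(0) Padding option code (RFC 7830)


def build_padding_option(pad_len, random_fill=False):
    """Sender: zero fill by default (SHOULD), random fill on request (MAY)."""
    if not 0 <= pad_len <= 0xFFFF:
        raise ValueError("padding length must fit in 16 bits")
    fill = os.urandom(pad_len) if random_fill else bytes(pad_len)
    return struct.pack("!HH", EDNS_PADDING, pad_len) + fill


def parse_options(rdata):
    """Receiver: walk OPT RDATA and return (code, length, value) tuples.

    Padding is skipped by length alone; its octets are never read or
    compared (MUST NOT look), so value is None for that option.
    """
    options = []
    pos = 0
    while pos < len(rdata):
        if len(rdata) - pos < 4:
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", rdata, pos)
        pos += 4
        if length > len(rdata) - pos:
            raise ValueError("option length runs past end of RDATA")
        value = None if code == EDNS_PADDING else rdata[pos:pos + length]
        options.append((code, length, value))
        pos += length
    return options


if __name__ == "__main__":
    # Constructed sample: an 8-octet option with code 10, then 8 octets of padding.
    other = struct.pack("!HH", 10, 8) + b"A" * 8
    for random_fill in (False, True):
        rdata = other + build_padding_option(8, random_fill)
        print(parse_options(rdata))
```

Because the receiver bounds-checks the length and nothing else, zero-filled and random-filled padding parse to the same result.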
