On Friday, November 20, 2015 12:44 PM, Alex Mayrhofer wrote: > > As dkg already said, I'm slightly worried that when we say "send > random", lazy implementors might simply malloc() the space and > send whatever was at that memory position before...
Yes, this is the "rabbit hole" that I was alluding to. The moment we say "fill it with random values," we can expect an interesting discussion about what that means. Cue your favorite Dilbert or XKCD cartoon. So maybe we need to be a bit more specific than "MAY send random." Something like: Padding SHOULD be set to zeroes when sending. Application developers who are concerned about misguided lower layer compression MAY instead fill the padding with the output of a cryptographic random number generator. Recipient MUST ignore the received padding. I understand your concern with lazy developers. But then, if they are really lazy, they will just call memzero and meet the requirement. Knowing that other developers may legitimately send something else than zero will also give teeth to the "must ignore" requirement. -- Christian Huitema _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
