On Fri, Sep 25, 2015 at 09:19:02PM +0200, Kurt Roeckx wrote:

> Since we don't actually know how things are going to change in the
> future and that they can change the maximum size of a Client
> Hello, it makes sense to me to not enforce a limit for the Client
> Hello message just because that's what the current version only
> supports.  For all other messages we should be able to tell what
> the maximum size is.

There's no such thing as "no limit".  If the client HELLO retains
its basic structure, it needs to retain the same limits.

If the limits change, that's a new protocol message that is no
longer an SSLv3/TLSv1.0 compatible client HELLO.

The published limits from TLS 1.2 cannot change in TLS 1.3, if TLS
1.3 HELLO messages are to be understood by TLS 1.2 servers.

-- 
        Viktor.
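
The limits discussed in this message follow from the length prefixes of the ClientHello structure. As an added example (not part of the original message and not OpenSSL code), this C program derives the largest body the RFC 5246 field definitions can express and rejects a body whose vectors fall outside them; the names client_hello_max_len and client_hello_check and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* One length-prefixed vector: prefix width in bytes, min/max payload. */
struct vec { size_t prefix, min, max; };

/* RFC 5246 7.4.1.2: session_id<0..32>, cipher_suites<2..2^16-2>,
 * compression_methods<1..2^8-1>, extensions<0..2^16-1> (optional). */
static const struct vec FIELDS[4] = {
    {1, 0, 32}, {2, 2, 65534}, {1, 1, 255}, {2, 0, 65535}
};
#define FIXED_LEN (2 + 32) /* client_version + random */

/* Largest body these field definitions can express. */
size_t client_hello_max_len(void)
{
    size_t total = FIXED_LEN;
    for (int i = 0; i < 4; i++)
        total += FIELDS[i].prefix + FIELDS[i].max;
    return total;
}

/* Walk a ClientHello body (handshake header already removed). Returns 0
 * if each vector is within bounds and the body is consumed exactly. */
int client_hello_check(const uint8_t *p, size_t len)
{
    if (len < FIXED_LEN) return -1;
    size_t off = FIXED_LEN;
    for (int i = 0; i < 4; i++) {
        if (i == 3 && off == len) return 0; /* extensions absent */
        if (len - off < FIELDS[i].prefix) return -1;
        size_t n = 0;
        for (size_t k = 0; k < FIELDS[i].prefix; k++)
            n = (n << 8) | p[off++];
        if (n < FIELDS[i].min || n > FIELDS[i].max || n > len - off)
            return -1;
        if (i == 1 && (n & 1)) return -1; /* suites are 2 bytes each */
        off += n;
    }
    return off == len ? 0 : -1;
}

int main(void)
{
    /* Constructed sample: TLS 1.2, zero random, one suite, null compression. */
    uint8_t hello[41] = {3, 3};
    hello[36] = 2; hello[38] = 0x2f; hello[39] = 1;
    return client_hello_check(hello, sizeof hello);
}
```

The 24-bit handshake length field could describe a far larger message, so a receiver that wants a bound has to take it from the structure as above.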