-----Original Message-----

The cause is the maximum record size in the specifications; any compliant client or server might send a record of maximum size which would then reach the requirements stated.

If the maximum record length is used, an implementation can't do much about that because it has to check the entire record integrity before returning any data to the application. Doing anything else would be a security hole.

There are some TLS extensions which allow the max record size to be specified at handshake time *but* these aren't widely supported. OpenSSL doesn't currently support TLS extensions though.

Steve.
--

I understand that when an implementation sends a maximum-length record, my implementation must have a contiguous buffer large enough to hold it. But since my application will rarely receive records of the maximum length, I am looking into doing some dynamic growth of the Rx buffer. I would like to start it small (2K or 4K), then grow it only if the other end sends me a larger record.

On the transmit side, OpenSSL currently has the ability to send arbitrarily large messages, one 16K record at a time. Is there any harm in me deciding to send large messages one 4K record at a time?

Thanks.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
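The receive-side idea discussed in this thread (start with a small buffer, grow it only when the peer's record header announces a larger record, and hand nothing onward until the whole record has arrived), sketched as an added example that is not code from either poster or from OpenSSL. The names `rxbuf`, `rx_take` and `rx_feed` are hypothetical, and the cap of 2^14 + 2048 bytes is the TLSCiphertext length limit from RFC 5246 (TLS 1.2), assumed here as the protocol version.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define REC_HDR_LEN  5               /* type(1) + version(2) + length(2) */
#define REC_MAX_BODY (16384 + 2048)  /* TLSCiphertext limit, RFC 5246 6.2.3 */
#define RX_INITIAL   4096            /* small starting size, as proposed above */

/* Zero-initialise before use; set used = 0 after consuming a record. */
struct rxbuf { uint8_t *data; size_t cap, used; };

/* Copy up to (want - b->used) bytes from *in into the buffer, advancing *in. */
static void rx_take(struct rxbuf *b, size_t want, const uint8_t **in, size_t *n)
{
    size_t take = want - b->used;
    if (take > *n) take = *n;
    memcpy(b->data + b->used, *in, take);
    b->used += take; *in += take; *n -= take;
}

/* Feed bytes from the socket. Returns 1 once one whole record is buffered
 * (only then may it be MAC-checked and decrypted), 0 if more bytes are
 * needed, -1 on an over-limit length or allocation failure.
 * *left is set to the number of input bytes not consumed. */
static int rx_feed(struct rxbuf *b, const uint8_t *in, size_t n, size_t *left)
{
    size_t body, need;
    *left = n;
    if (b->data == NULL) {
        if ((b->data = malloc(RX_INITIAL)) == NULL) return -1;
        b->cap = RX_INITIAL;
    }
    if (b->used < REC_HDR_LEN) {           /* header first: it carries the length */
        rx_take(b, REC_HDR_LEN, &in, &n);
        *left = n;
        if (b->used < REC_HDR_LEN) return 0;
    }
    body = ((size_t)b->data[3] << 8) | b->data[4];
    if (body > REC_MAX_BODY) return -1;    /* length is unauthenticated: cap it */
    need = REC_HDR_LEN + body;
    if (need > b->cap) {                   /* grow only when the peer requires it */
        uint8_t *p = realloc(b->data, need);
        if (p == NULL) return -1;
        b->data = p;
        b->cap = need;
    }
    rx_take(b, need, &in, &n);
    *left = n;
    return b->used == need;
}
```

Because the length field is read before the record's integrity can be checked, a peer can still drive the buffer up to the capped maximum, so growing on demand lowers typical memory use per connection but not the worst case.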