>>>>> "ER" == Eric Rescorla <[email protected]> writes:
ER> In TLS, we use a distinct nonce for each record and then a block counter
ER> inside the record. So, it's true that you couldn't encrypt a record that
ER> was more than 2^{32} * 256 bits long, but since TLS records can't be
ER> more than 16KB long anyway, this isn't the critical limitation.
That does change things. I do not recall any posts noting that after I
posted an objection to the change, but I mostly missed everything from
May thru July or so because of the stroke...
Thanks for the correction.
-JimC
--
James Cloos <[email protected]> OpenPGP: 0x997A9F17ED7DAEA6
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
