----- Original Message -----
> From: "Brian Smith" <br...@briansmith.org>
> To: "Hubert Kario" <hka...@redhat.com>
> Cc: "Dave Garrett" <davemgarr...@gmail.com>, "<tls@ietf.org>" <tls@ietf.org>
> Sent: Saturday, July 23, 2016 3:37:24 AM
> Subject: Re: [TLS] Thoughts on Version Intolerance
>
> Hubert Kario <hka...@redhat.com> wrote:
> > I'm quite sure that if I were sending a huge extension or many big
> > extensions, the percentage of servers that are incompatible to them
> > would be similar, if not worse. A relatively small 3KiB client hello
> > already causes issues and this is not exactly something impossible to
> > achieve with just TLSv1.2 and session tickets.
>
> Don't expect a server to accept a ClientHello with a session ticket it
> didn't produce. In particular, a server could very reasonably reject a
> session ticket larger than the ones it produces, and it might produce
> only very small ones.

Oh, I agree, I don't plan to use session_ticket for testing client hello size.

> More generally, when assessing compatibility, generally it is better
> to consider only initial handshakes, using the data one would normally
> send in an initial handshake. And, if you are considering 0-RTT key
> shares, then it would be better to measure the case where only ECC key
> shares are used separately from the case where non-ECC (old-school DH)
> key shares are used.

What I wanted to say is that those limits are most likely hardcoded in the libraries (OpenSSL's certainly were), so they may well be ticking time bombs for the time when some user deploys such a broken implementation with client certificates and, for one reason or another, connecting clients have very big certificates. Then you can hit those limits even when using the TLSv1.2 protocol.

--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hka...@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
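To make the size discussion above concrete, here is an added example (not code from the thread, nor from OpenSSL or any library mentioned in it) that builds a TLS 1.2 ClientHello carrying a session ticket of chosen size plus an RFC 7685 padding extension, then parses the sizes back out, so a tester can see exactly how a hello reaches the 3 KiB mark that the thread says already trips hardcoded limits. The hostname, cipher-suite list and ticket bytes are constructed placeholders.

```python
import os
import struct

def _vec(data: bytes, len_bytes: int) -> bytes:
    """Length-prefixed opaque vector, the TLS wire-format building block."""
    return len(data).to_bytes(len_bytes, "big") + data

def _ext(ext_type: int, body: bytes) -> bytes:
    return struct.pack("!HH", ext_type, len(body)) + body

def build_client_hello(hostname: str, ticket: bytes = b"", pad_to: int = 0) -> bytes:
    """TLS 1.2 ClientHello record with SNI, a session_ticket extension
    (RFC 5077: extension_data is the raw ticket) and, when pad_to exceeds the
    message size, a padding extension (RFC 7685) growing it to pad_to bytes."""
    sni = _ext(0x0000, _vec(b"\x00" + _vec(hostname.encode(), 2), 2))
    exts = sni + _ext(0x0023, ticket)
    body = (b"\x03\x03" + os.urandom(32) + _vec(b"", 1)     # version, random, empty session_id
            + _vec(b"\xc0\x2f\xc0\x30\x00\x9c", 2)           # three AEAD suites (constructed list)
            + _vec(b"\x00", 1))                              # null compression only
    cur = 4 + len(body) + 2 + len(exts)                      # handshake header + body + ext list
    if pad_to > cur + 4:                                     # 4 = padding extension's own header
        exts += _ext(0x0015, b"\x00" * (pad_to - cur - 4))
    hs = b"\x01" + _vec(body + _vec(exts, 2), 3)             # HandshakeType client_hello(1)
    return b"\x16\x03\x01" + _vec(hs, 2)                     # record layer: handshake, version 1.0

def handshake_len(record: bytes) -> int:
    """Size of the ClientHello handshake message, which is what a server-side cap sees."""
    assert record[0] == 0x16 and record[5] == 0x01
    return 4 + int.from_bytes(record[6:9], "big")

def extension_sizes(record: bytes) -> dict:
    """Map extension type -> extension_data length, parsed back out of the record."""
    pos = 9 + 2 + 32                                         # skip headers, version, random
    pos += 1 + record[pos]                                   # session_id
    pos += 2 + int.from_bytes(record[pos:pos + 2], "big")    # cipher_suites
    pos += 1 + record[pos]                                   # compression_methods
    end = pos + 2 + int.from_bytes(record[pos:pos + 2], "big")
    pos += 2
    sizes = {}
    while pos < end:
        etype, elen = struct.unpack("!HH", record[pos:pos + 4])
        sizes[etype] = elen
        pos += 4 + elen
    return sizes
```

With an empty ticket the hello is 75 bytes; a 2000-byte ticket padded to 3072 bytes shows how little it takes to cross the threshold the thread discusses.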