Ok, thanks. This is close to my sense of it. Actually, I wasn't aware of the fact that the TLS 1.3 draft now explicitly addresses this in the Presentation Language section:
"Peers which receive a message which cannot be parsed according to the syntax (e.g., have a length extending beyond the message boundary or contain an out-of-range length) MUST terminate the connection with a "decoding_error" alert."
Cheers,
Andi
>>> Martin Thomson <[email protected]> 09/21/16 9:25 AM >>>
On 21 September 2016 at 17:21, Andreas Walz
<[email protected]> wrote:
> Do you see any argument why ignoring such trailing data would be acceptable
> (or even desirable)?
No.
Well, we exploited that to add extensions to the protocol once, so I
won't categorically rule it out, but in the case of
supported_groups/supported_curves, no good can come of ignoring
rubbish. Of course, it's hard to point to this being harmful as well :)
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
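The two failure classes the quoted draft text names (a length extending beyond the message boundary, an out-of-range length) and the trailing-data question Andi and Martin discuss, worked through on the supported_groups extension in an added example that is not from the thread or any TLS implementation; the extension_data bytes below are constructed, and the strict/lenient switch is a hypothetical knob to show both behaviours side by side:

```python
import struct
from typing import List, Tuple

DECODING_ERROR = 50  # TLS AlertDescription decoding_error(50)

class DecodingError(Exception):
    """Raised at any point where the peer MUST send a decoding_error alert."""

def parse_supported_groups(ext_data: bytes, strict: bool = True) -> List[int]:
    """Parse supported_groups extension_data, whose syntax is
        NamedGroup named_group_list<2..2^16-1>;
    i.e. a 2-byte length prefix followed by 2-byte NamedGroup codes."""
    if len(ext_data) < 2:
        raise DecodingError("missing named_group_list length prefix")
    (vec_len,) = struct.unpack("!H", ext_data[:2])
    # Out-of-range length: below the <2..> floor, or not a whole number of 2-byte groups.
    if vec_len < 2 or vec_len % 2 != 0:
        raise DecodingError(f"out-of-range named_group_list length {vec_len}")
    # Length extending beyond the enclosing extension_data boundary.
    end = 2 + vec_len
    if end > len(ext_data):
        raise DecodingError(f"length {vec_len} exceeds {len(ext_data) - 2} available bytes")
    groups = [g for (g,) in struct.iter_unpack("!H", ext_data[2:end])]
    # Trailing bytes after the vector: strict mode rejects them; lenient mode is the
    # "ignore rubbish" behaviour the thread argues against for this extension.
    if strict and end != len(ext_data):
        raise DecodingError(f"{len(ext_data) - end} trailing bytes after named_group_list")
    return groups

def handle(ext_data: bytes, strict: bool = True) -> Tuple[str, object]:
    """("groups", [...]) on success, ("alert", 50) where the connection must be torn down."""
    try:
        return ("groups", parse_supported_groups(ext_data, strict))
    except DecodingError:
        return ("alert", DECODING_ERROR)

# Constructed sample extension_data values (not captured from any real peer).
GOOD = bytes.fromhex("0004 0017 001d")      # len 4: secp256r1 (0x0017), x25519 (0x001d)
TRAILING = GOOD + b"\xde\xad"               # valid vector followed by 2 rubbish bytes
OVERLONG = bytes.fromhex("0008 0017 001d")  # claims 8 bytes, only 4 are present
ODD = bytes.fromhex("0003 0017 00")         # length 3 cannot hold whole 2-byte groups

if __name__ == "__main__":
    for name, data in [("GOOD", GOOD), ("TRAILING", TRAILING), ("OVERLONG", OVERLONG), ("ODD", ODD)]:
        print(name, "strict:", handle(data), "lenient:", handle(data, strict=False))
```

Note that the lenient parser still rejects OVERLONG and ODD: only the trailing-data case is a matter of policy, the other two are unparseable under the syntax either way.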