Current draft states:

  Alert messages ({{alert-protocol}}) MUST NOT be fragmented across records.


  Implementations MUST NOT send zero-length fragments of Handshake or
  Alert types, even if those fragments contain padding.

But I don't see what is the expected behaviour of the side receiving such 
malformed messages.

Especially the fragmented alerts are unique in that any other message type can 
be fragmented, so no rules define how to handle incorrectly fragmented 
messages. Or at least I don't see them.
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Red Hat Czech s.r.o., Purky┼łova 99/71, 612 45, Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

TLS mailing list

Reply via email to