Current draft states:

  Alert messages ({{alert-protocol}}) MUST NOT be fragmented across records.

and

  Implementations MUST NOT send zero-length fragments of Handshake or
  Alert types, even if those fragments contain padding.

But I don't see what is the expected behaviour of the side receiving such 
malformed messages.

Especially the fragmented alerts are unique in that any other message type can 
be fragmented, so no rules define how to handle incorrectly fragmented 
messages. Or at least I don't see them.
-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky┼łova 99/71, 612 45, Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to