* I don't argue with this but this is not the approach TLS 1.3 took. It
provides a generic padding mechanism to be used across application protocols.
At some point I thought we said that the TLS 1.3 padding mechanism was supposed
to be application-driven (in the form of application-provided policy or simply
desired pad size), which would mean that the application has to be involved
TLS mailing list