On Mon, Feb 19, 2018 at 09:27:14AM -0800, Jim Schaad wrote:
> 
> 
> > -----Original Message-----
> > From: ilariliusva...@welho.com [mailto:ilariliusva...@welho.com]
> > Sent: Monday, February 19, 2018 9:18 AM
> > To: Jim Schaad <i...@augustcellars.com>
> > Cc: 'Martin Thomson' <martin.thom...@gmail.com>; tls@ietf.org; draft-ietf-
> > tls-record-li...@ietf.org
> > Subject: Re: [TLS] Mail regarding draft-ietf-tls-record-limit
> > 
> > On Mon, Feb 19, 2018 at 08:31:53AM -0800, Jim Schaad wrote:
> > > Martin,
> > >
> > > I think that the wording I would prefer would be along the lines of
> > >
> > > A server MUST NOT error on the value of the extension when a higher
> > > TLS version is requested.  The server MUST use the minimum of the
> > > requested value and the maximum value for the TLS version negotiated.
> > > A server MAY error if the value of the extension is exceeded for the
> > > version of TLS requested.
> > 
> > You need to consider the case where there is some unknown-to-server
> > extension that happens to alter the limit.
> 
> I am not sure how, as that server, I could possibly do that.  I can't
> act on something I don't understand.

Because the server can not know the semantics of unknown extensions, it
has to assume any such can alter the maximum limit. Of course, when it
comes to that, the server could just not error on too large limits
regardless of other extensions.


-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
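
The server-side handling debated in this thread, as an added example that is not code from the thread or from the draft: the offered `record_size_limit` is clamped to the maximum for the negotiated version instead of being rejected when it is too large. Assumptions: the per-version maxima and the 64-byte minimum are taken from RFC 8449 (the published form of this draft); the function names, the `TlsAlert` class and the version strings are hypothetical.

```python
import struct

# Assumption: limits as published in RFC 8449, not stated in the thread.
MAX_LIMIT = {"TLS1.2": 2**14, "TLS1.3": 2**14 + 1}
MIN_LIMIT = 64


class TlsAlert(Exception):
    """Hypothetical stand-in for sending a fatal TLS alert."""


def parse_record_size_limit(extension_data: bytes) -> int:
    """Decode the extension body, a single big-endian uint16."""
    if len(extension_data) != 2:
        raise TlsAlert("decode_error")
    return struct.unpack("!H", extension_data)[0]


def effective_send_limit(extension_data: bytes, negotiated_version: str) -> int:
    """Return the largest plaintext the server may send to this client.

    The client writes its ClientHello before the version is negotiated,
    and an extension the server does not understand could raise the
    ceiling. So a value above the server's known maximum is not an
    error; the server simply never sends more than it knows how to.
    """
    offered = parse_record_size_limit(extension_data)
    if offered < MIN_LIMIT:
        # Too small is the one case that stays fatal.
        raise TlsAlert("illegal_parameter")
    return min(offered, MAX_LIMIT[negotiated_version])


if __name__ == "__main__":
    # Constructed inputs: (offered value, negotiated version).
    for offered, version in [(16385, "TLS1.2"), (65535, "TLS1.3"), (1024, "TLS1.2")]:
        body = struct.pack("!H", offered)
        print(offered, version, "->", effective_send_limit(body, version))
```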
