On Mon, Feb 19, 2018 at 09:55:51AM -0800, Jim Schaad wrote:
>
>
> > -----Original Message-----
> > From: ilariliusva...@welho.com [mailto:ilariliusva...@welho.com]
> > Sent: Monday, February 19, 2018 9:51 AM
> > To: Jim Schaad <i...@augustcellars.com>
> > Cc: 'Martin Thomson' <martin.thom...@gmail.com>; email@example.com; draft-ietf-tls-record-li...@ietf.org
> > Subject: Re: [TLS] Mail regarding draft-ietf-tls-record-limit
> >
> > Because the server can not know the semantics of unknown extensions, it has
> > to assume any such can alter the maximum limit. Of course, when it comes to
> > that, the server could just not error on too large limits regardless of other
> > extensions.
>
> But if the server does not understand the new extension, then it would
> not be returned to the client so that the client would understand how
> the server decided on what the maximum value that it is going to use for
> the client is. The client can then abort the connection if it does not
> like the new limit. However, I think that this would only affect the
> MAY in the proposed text.
Suppose client supports large-records extension that allows records up to 65535 bytes, but the server does not know about this extension. Then ClientHello which has record size limit of 65519 and the extension MUST NOT cause an abort, because such ClientHello is fully valid.

This would be a very unusual requirement. So better to specify that the server MUST accept overly large values, internally truncating to the negotiated protocol maximums or implementation maximums, whichever is smaller.

The server to client direction is a different matter. Client always understands all server extensions (there is a requirement to abort otherwise), so it knows what the maximum possible record size for the negotiated protocol is and can check that. However, it must still internally truncate that to implementation maximums.

Also, the values are capability advertisements, so the server value can be larger or smaller than the client value. Following is fully legal and well-defined in TLS 1.3:

Client: maximum-record-size=1025 (do not send me more than 1024 bytes of record plaintext).
Server: maximum-record-size=16385 (understood, send me any size you like within protocol limits).

-Ilari

TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
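The rule Ilari lays out, as an added example that is not code from the thread or from any TLS implementation: each side's limit is what that side will accept, the server truncates an overly large client value instead of aborting, and the client checks the server's value against the protocol maximum and still truncates to its own implementation maximum. The version strings, the `impl_max` parameters and `negotiate()` are names I chose; the 16385 (TLS 1.3) and 16384 (TLS 1.2) protocol maximums follow the content-type-octet convention behind the thread's "1025 means 1024 bytes of plaintext" example.

```python
# Added example, not code from the thread or from any TLS stack: the
# record_size_limit handling Ilari describes. Version names, impl_max
# and negotiate() are hypothetical names chosen for this illustration.

# Protocol-defined maximum value of record_size_limit per negotiated version.
# TLS 1.3 counts the content-type octet, so its limit is 2**14 + 1 (16385);
# TLS 1.2 uses 2**14 (16384).
PROTOCOL_MAX = {"TLS1.2": 2**14, "TLS1.3": 2**14 + 1}


def server_send_limit(client_value, version, impl_max):
    """Server side: the client's value is what the client will accept.
    The server must not abort on an overly large value, because an extension
    it does not understand (e.g. a hypothetical large-records extension that
    allows 65519) may legitimately raise the limit. It just truncates to the
    smaller of the protocol maximum and its own implementation maximum."""
    return min(client_value, PROTOCOL_MAX[version], impl_max)


def client_send_limit(server_value, version, impl_max):
    """Client side: the client understands every server extension (it must
    abort otherwise), so it knows the protocol maximum and can check the
    server's value against it; here it rejects a larger value. It still
    truncates to its own implementation maximum."""
    if server_value > PROTOCOL_MAX[version]:
        raise ValueError("illegal_parameter: server limit %d exceeds protocol "
                         "maximum %d" % (server_value, PROTOCOL_MAX[version]))
    return min(server_value, impl_max)


def plaintext_bytes(limit, version):
    """Bytes of record plaintext a record may carry under a given limit:
    in TLS 1.3 one octet of the limit is the content type."""
    return limit - 1 if version == "TLS1.3" else limit


def negotiate(client_value, server_value, version, client_impl_max, server_impl_max):
    """Effective plaintext bytes per direction. The two values are
    independent capability advertisements and need not agree."""
    return {
        "server_to_client": plaintext_bytes(
            server_send_limit(client_value, version, server_impl_max), version),
        "client_to_server": plaintext_bytes(
            client_send_limit(server_value, version, client_impl_max), version),
    }


if __name__ == "__main__":
    # The exchange from the thread: client 1025, server 16385, TLS 1.3.
    print(negotiate(1025, 16385, "TLS1.3", 16385, 16385))
    # -> {'server_to_client': 1024, 'client_to_server': 16384}
    # ClientHello carrying 65519 plus an extension the server does not know:
    # no abort, the server simply truncates.
    print(server_send_limit(65519, "TLS1.3", 16385))  # -> 16385
```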