On Thu, Dec 13, 2018 at 5:10 AM Stephen Farrell <stephen.farr...@cs.tcd.ie>
wrote:

>
> Hiya,
>
> Was just adding code for this and I noticed that the draft says
> a server: "SHOULD pad the Certificate message, via padding at
> the record layer, such that its length equals the size of the
> largest possible Certificate (message) covered by the same ESNI
> key."
>
> I think that ought also mention the CertificateVerify as that
> could also tell you something about the ESNI being used if the
> key lengths in the various certificates differ.
>

Sure. Send a PR.

-Ekr


> More specific to openssl though, there isn't really a terribly
> easy way to do such fine-grained padding (that I've found so
> far), so to cover the above, and as there are likely many
> other ways that the ESNI could be exposed, it might be good to
> add that clients and servers could reasonably decide to pad all
> handshake messages or even all records. (That last being what
> is currently easiest with openssl, and hence what I've done
> for now with my proof-of-concept code:-)
>
> Cheers,
> S.
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
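
As an added illustration of the point raised in this thread (not code from the draft, from OpenSSL, or from either poster), the following C model counts how many certificates behind one ESNI key stay distinguishable by message length under three padding choices. The sizes are constructed samples, and treating each handshake message as separately observable by length is an assumption of the model.

```c
#include <stddef.h>

/* Constructed sample sizes in bytes (illustrative, not measured): lengths of
 * Certificate and CertificateVerify for three hypothetical certificates
 * served behind the same ESNI key. */
struct hs_sizes { size_t cert, cert_verify; };
static const struct hs_sizes SITES[] = {
    { 1450, 264 },   /* hypothetical RSA-2048 leaf */
    { 2210, 520 },   /* hypothetical RSA-4096 leaf */
    {  890,  79 },   /* hypothetical ECDSA P-256 leaf */
};
#define NSITES (sizeof(SITES) / sizeof(SITES[0]))

/* Padded length when a message is padded up to the largest in the set. */
static size_t to_max(size_t len, size_t max) { return len > max ? len : max; }

/* Padded length when rounding up to a multiple of block (block > 0). */
static size_t to_block(size_t len, size_t block) {
    return ((len + block - 1) / block) * block;
}

/* Number of distinct values in v[0..n): what a length observer can tell apart. */
static size_t distinct(const size_t *v, size_t n) {
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        size_t j = 0;
        while (j < i && v[j] != v[i]) j++;
        if (j == i) count++;
    }
    return count;
}

/* scheme 0: pad Certificate only; scheme 1: pad Certificate and
 * CertificateVerify to their maxima; scheme 2: round every message up to a
 * multiple of block. Returns the number of distinct length pairs left. */
size_t distinguishable(int scheme, size_t block) {
    size_t max_c = 0, max_v = 0, obs[NSITES];
    for (size_t i = 0; i < NSITES; i++) {
        if (SITES[i].cert > max_c) max_c = SITES[i].cert;
        if (SITES[i].cert_verify > max_v) max_v = SITES[i].cert_verify;
    }
    for (size_t i = 0; i < NSITES; i++) {
        size_t c = SITES[i].cert, v = SITES[i].cert_verify;
        if (scheme == 0) c = to_max(c, max_c);
        if (scheme == 1) { c = to_max(c, max_c); v = to_max(v, max_v); }
        if (scheme == 2) { c = to_block(c, block); v = to_block(v, block); }
        obs[i] = c * 65536 + v;   /* pack the pair; both are < 65536 */
    }
    return distinct(obs, NSITES);
}
```

With these samples, padding only Certificate still leaves all three certificates distinguishable through CertificateVerify, as does rounding to 512-byte blocks. Padding both messages to their maxima, or using a block larger than every message, collapses them to a single observable length pair.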
