Hiya,

On 21/10/2019 20:01, Rob Sayre wrote:
> On Mon, Oct 21, 2019 at 11:41 AM Stephen Farrell <[email protected]>
> wrote:
>
>> My guess is that all of the above will lead to everyone
>> always using 260 for this value, making it pointless
>> and somewhat wasteful.
>>
>
> Whether it's wasteful depends on how big typical ClientHello (without early
> data) messages are. If they'll easily fit in one packet, 260 doesn't matter.

I don't think we ought be so confident of that. TLS is so
broadly used that there may be other circumstances now or
in future where this would be a problem that'd cause ESNI
to not be used. It seems prudent to use fewer bytes when
that's possible (so long as we don't expose the actual
SNI length).

Removing the padding_length field also removes a way in
which server configurations can be broken (if some server
admin sets a too-low value), which is also a more prudent
design than we currently have.

S.

> This seems like something TLS WG should track, tbh.
>
> thanks,
> Rob
>
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
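Added example, not part of the message above or of the ESNI draft: a sketch of the trade-off the thread discusses, padding every server name to one published length so the ciphertext size does not reveal the SNI length, and what happens when that length is set too low. The ServerNameList layout follows RFC 6066; zero-padding before encryption, the function names and the sample host names are assumptions made for illustration.

```python
import struct

HOST_NAME = 0  # NameType host_name from the TLS SNI extension (RFC 6066)


class PaddingTooSmall(ValueError):
    """The published padding_length cannot hold this server name."""


def server_name_list(hostname: str) -> bytes:
    """Encode one host name as a TLS ServerNameList (RFC 6066 layout)."""
    name = hostname.encode("ascii")
    entry = struct.pack("!BH", HOST_NAME, len(name)) + name
    return struct.pack("!H", len(entry)) + entry


def pad_sni(hostname: str, padding_length: int) -> bytes:
    """Zero-pad the encoded list to padding_length (assumed padding rule)."""
    sni = server_name_list(hostname)
    if len(sni) > padding_length:
        # The misconfiguration case: the admin's value is too low for this name.
        raise PaddingTooSmall(
            f"{hostname!r} needs {len(sni)} bytes, limit is {padding_length}")
    return sni + b"\x00" * (padding_length - len(sni))


def audit(hostnames, padding_length):
    """Map each name to the padding bytes spent, or None if it does not fit."""
    report = {}
    for host in hostnames:
        try:
            padded = pad_sni(host, padding_length)
            report[host] = len(padded) - len(server_name_list(host))
        except PaddingTooSmall:
            report[host] = None
    return report


# Constructed sample names, not taken from the thread.
NAMES = ["a.example", "www.example.com",
         "a-much-longer-customer-subdomain.cdn.example.net"]

if __name__ == "__main__":
    for limit in (260, 32):  # 260 is the value quoted in the thread; 32 is a too-low setting
        print(limit, audit(NAMES, limit))
```
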
