I can't say what was going on in the SSLv3 days, but yes, record size limits
are important for memory. Whatever the maximum record size is, the peer can
force you to buffer that many bytes in memory. That means the maximum
record size is actually a DoS parameter for the protocol.

On Wed, Mar 20, 2024 at 10:35 AM Jan-Frederik Rieckers <[email protected]>
wrote:

> Hi to all,
>
> during the presentation of the Large Record Sizes draft at the tls
> session yesterday, I wondered why the length restriction is in TLS in
> the first place.
>
> I have gone back to the TLS1.0 RFC, as well as SSLv3, TLS1.3 and TLS1.2
> and have found the restriction in all of them, but not a rationale why
> the length is artificially shortened, when the length is encoded as uint16.
>
> Does someone know what the rationale behind it is?
> One educated guess we came up with was that the limit was put there to
> ensure that implementations can make sure to not use too much memory,
> and using 2^14 was deemed a good compromise between memory usage and
> message length, but in my short research I haven't found any evidence
> that would confirm that guess.
>
>
> Cheers,
> Janfred
>
> --
> Mr. Jan-Frederik Rieckers
> Security, Trust & Identity Services
>
> E-Mail: [email protected] | Phone: +49 30884299-339 | Fax: +49 30884299-370
> Pronomen: er/sein | Pronouns: he/him
>
> __________________________________________________________________________________
>
> DFN - Deutsches Forschungsnetz | German National Research and Education
> Network
> Verein zur Förderung eines Deutschen Forschungsnetzes e.V.
> Alexanderplatz 1 | 10178 Berlin
> https://www.dfn.de
>
> Executive Board: Prof. Dr.-Ing. Stefan Wesner | Prof. Dr. Helmut Reiser |
> Christian Zens
> Managing Directors: Dr. Christian Grimm | Jochem Pattloch
> VR AG Charlottenburg 7729B | VAT ID DE 136623822
> _______________________________________________
> TLS mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tls
>
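
The memory point made in the reply at the top of this message, as an added example that is not part of the thread or of any TLS implementation: a receiver decides from the 5-byte record header alone whether to keep buffering, so the length bound it enforces there is the amount of memory a peer can make it hold per connection. The function names are hypothetical, the header bytes are constructed, and the 2^14 + 256 bound on the protected record body is the TLS 1.3 limit from RFC 8446.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.3 limits (RFC 8446): 2^14 bytes of plaintext per record, and at
 * most 2^14 + 256 bytes of protected record body on the wire. */
#define TLS_HEADER_LEN     5u
#define TLS_MAX_PLAINTEXT  (1u << 14)
#define TLS_MAX_CIPHERTEXT (TLS_MAX_PLAINTEXT + 256u)

enum rec_status { REC_NEED_MORE, REC_READY, REC_OVERFLOW };

/* Hypothetical helper: inspect the bytes received so far for one record.
 * The 16-bit length field could announce up to 65535 bytes; anything above
 * the protocol limit is refused before a single body byte is buffered.
 * When the header is accepted, *total is set to header + body length. */
enum rec_status tls_record_check(const uint8_t *buf, size_t have, size_t *total)
{
    if (have < TLS_HEADER_LEN)
        return REC_NEED_MORE;                 /* header itself is incomplete */
    size_t len = ((size_t)buf[3] << 8) | buf[4];
    if (len > TLS_MAX_CIPHERTEXT)
        return REC_OVERFLOW;                  /* reject instead of buffering */
    *total = TLS_HEADER_LEN + len;
    return have >= *total ? REC_READY : REC_NEED_MORE;
}

/* Bytes that peers can force the receiver to hold across `conns`
 * connections if each announces a maximum-size record and then stalls. */
size_t worst_case_buffer(size_t conns, size_t max_body)
{
    return conns * (TLS_HEADER_LEN + max_body);
}

int main(void)
{
    /* Constructed header: application_data, version 0x0303, length 65535. */
    const uint8_t hdr[5] = { 23, 3, 3, 0xFF, 0xFF };
    size_t total = 0;
    printf("length 65535: %s\n",
           tls_record_check(hdr, sizeof hdr, &total) == REC_OVERFLOW
               ? "rejected" : "accepted");
    printf("10000 conns, protocol limit: %zu bytes\n",
           worst_case_buffer(10000, TLS_MAX_CIPHERTEXT));
    printf("10000 conns, full uint16:    %zu bytes\n",
           worst_case_buffer(10000, 65535));
    return 0;
}
```
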