Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Mention hybrid key exchange for split TLS ClientHello
Browse files Browse the repository at this point in the history
Would it be worth mentioning this specific case https://tldr.fail/, where TLS ClientHello processing is not implemented correctly ?
loganaden authored Mar 4, 2024

Verified

This commit was signed with the committer’s verified signature.
stgraber Stéphane Graber
1 parent 3f61f01 commit db1d021
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion draft-ietf-tls-rfc8446bis.md
Original file line number Diff line number Diff line change
@@ -5255,7 +5255,7 @@ TLS protocol issues:

- Do you correctly handle handshake messages that are fragmented to
multiple TLS records (see {{record-layer}})? Do you correctly handle
corner cases like a ClientHello that is split into several small fragments? Do
corner cases like a ClientHello that is split into several small fragments such as hybrid key exchanges? Do
you fragment handshake messages that exceed the maximum fragment
size? In particular, the Certificate and CertificateRequest
handshake messages can be large enough to require fragmentation.

0 comments on commit db1d021

Please sign in to comment.