From 6f54803486056643cbbe74fd1dc568589611d4f4 Mon Sep 17 00:00:00 2001 From: ID Bot Date: Thu, 5 Sep 2024 08:17:07 +0000 Subject: [PATCH] Script updating gh-pages from 3b2aaf1. [ci skip] --- ...mattsson-tls-super-jumbo-record-limit.html | 6 +++--- ...-mattsson-tls-super-jumbo-record-limit.txt | 20 +++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/draft-mattsson-tls-super-jumbo-record-limit.html b/draft-mattsson-tls-super-jumbo-record-limit.html index e560240..554045e 100644 --- a/draft-mattsson-tls-super-jumbo-record-limit.html +++ b/draft-mattsson-tls-super-jumbo-record-limit.html @@ -9,7 +9,7 @@ @@ -1071,7 +1071,7 @@

Large Record Sizes for TLS and DTLS with Reduced Overhead

Abstract

-

TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to 214 + 1 bytes, which includes one byte for the content type, and have a 3-byte overhead due to the fixed fields opaque_type and legacy_record_version. This document defines a TLS extension that allows endpoints to negotiate a larger maximum inner plaintext size, up to 232 - 256 bytes, while reducing overhead.

+

TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to 214 + 1 bytes, which includes one byte for the content type. Records also have a 3-byte overhead due to the fixed opaque_type and legacy_record_version fields. This document defines a TLS extension that allows endpoints to negotiate a larger maximum inner plaintext size, up to 232 - 256 bytes, while reducing overhead.

@@ -1181,7 +1181,7 @@

1. Introduction

-

TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to 214 + 1 bytes, which includes one byte for the content type, and have a 3-byte overhead due to the fixed fields opaque_type and legacy_record_version. TLS-based protocols are increasingly used to secure long-lived interfaces in critical infrastructure, such as telecommunication networks. In some infrastructure use cases, the upper layer of DTLS expects a message oriented service and uses message sizes much larger than 214-bytes. In these cases, the 214-byte limit in TLS necessitates an additional protocol layer for fragmentation, resulting in increased CPU and memory consumption and additional complexity. Allowing 232-byte records would eliminate additional fragmentation in almost all use cases. In [RFC6083] (DTLS over SCTP), the 214-byte limit is a severe restriction.

+

TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to 214 + 1 bytes, which includes one byte for the content type. Records also have a 3-byte overhead due to the fixed opaque_type and legacy_record_version fields. TLS-based protocols are increasingly used to secure long-lived interfaces in critical infrastructure, such as telecommunication networks. In some infrastructure use cases, the upper layer of DTLS expects a message oriented service and uses message sizes much larger than 214-bytes. In these cases, the 214-byte limit in TLS necessitates an additional protocol layer for fragmentation, resulting in increased CPU and memory consumption and additional complexity. Allowing 232-byte records would eliminate additional fragmentation in almost all use cases. In [RFC6083] (DTLS over SCTP), the 214-byte limit is a severe restriction.

This document defines a "large_record_size_limit" extension that allows endpoints to negotiate a larger maximum inner plaintext (TLSInnerPlaintext) size. This extension is valid in TLS 1.3 and DTLS 1.3. The extension works similarly to the "record_size_limit" extension defined in [RFC8449]. Additionally, this document defines new TLS 1.3 TLSLargeCiphertext and DTLS 1.3 unified_hdr structures to enable inner plaintexts up to 232 - 256 bytes with reduced overhead. For example, inner plaintexts up to 216 - 256 bytes can be supported with 3 bytes less overhead, which is useful in constrained IoT environments. The "large_record_size_limit" extension is incompatible with middleboxes expecting TLS 1.2 records.

diff --git a/draft-mattsson-tls-super-jumbo-record-limit.txt b/draft-mattsson-tls-super-jumbo-record-limit.txt index 3eda671..c9d8973 100644 --- a/draft-mattsson-tls-super-jumbo-record-limit.txt +++ b/draft-mattsson-tls-super-jumbo-record-limit.txt @@ -17,11 +17,11 @@ Expires: 9 March 2025 Siemens Abstract TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to - 2^14 + 1 bytes, which includes one byte for the content type, and - have a 3-byte overhead due to the fixed fields opaque_type and - legacy_record_version. This document defines a TLS extension that - allows endpoints to negotiate a larger maximum inner plaintext size, - up to 2^32 - 256 bytes, while reducing overhead. + 2^14 + 1 bytes, which includes one byte for the content type. + Records also have a 3-byte overhead due to the fixed opaque_type and + legacy_record_version fields. This document defines a TLS extension + that allows endpoints to negotiate a larger maximum inner plaintext + size, up to 2^32 - 256 bytes, while reducing overhead. About This Document @@ -89,11 +89,11 @@ Table of Contents 1. Introduction TLS 1.3 records limit the inner plaintext (TLSInnerPlaintext) size to - 2^14 + 1 bytes, which includes one byte for the content type, and - have a 3-byte overhead due to the fixed fields opaque_type and - legacy_record_version. TLS-based protocols are increasingly used to - secure long-lived interfaces in critical infrastructure, such as - telecommunication networks. In some infrastructure use cases, the + 2^14 + 1 bytes, which includes one byte for the content type. + Records also have a 3-byte overhead due to the fixed opaque_type and + legacy_record_version fields. TLS-based protocols are increasingly + used to secure long-lived interfaces in critical infrastructure, such + as telecommunication networks. In some infrastructure use cases, the upper layer of DTLS expects a message oriented service and uses message sizes much larger than 2^14-bytes. In these cases, the 2^14-byte limit in TLS necessitates an additional protocol layer for