From 06ce7929bf539b8abe208d45b325adb5bdd558a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?John=20Preu=C3=9F=20Mattsson?= Date: Sun, 25 Feb 2024 18:45:19 +0100 Subject: [PATCH] Update draft-mattsson-tls-super-jumbo-record-limit.md --- draft-mattsson-tls-super-jumbo-record-limit.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-mattsson-tls-super-jumbo-record-limit.md b/draft-mattsson-tls-super-jumbo-record-limit.md index 1bc8969..396d7ab 100644 --- a/draft-mattsson-tls-super-jumbo-record-limit.md +++ b/draft-mattsson-tls-super-jumbo-record-limit.md @@ -73,7 +73,7 @@ This document defines a "large_record_size" flag extension using the TLS flags e # The "large_record_size" Flag Extension {#ex} -When the "large_record_size" flag extension is negotiated, an endpoint MUST be prepared to accept protected records with ciphertexts of length 216 bytes and protected record with plaintext of length 216 - the allowed expansion. The maximum length of a protected record plaintext is therefore 216 - 28 = 65280 octets. Unprotected messages are still subject to the lower default limits. +When the "large_record_size" flag extension is negotiated, an endpoint MUST be prepared to accept protected records with ciphertexts of the negotiated length and protected record with plaintext of the negotiated length of - the allowed expansion. The maximum length of a protected record plaintext that can be negotiated is therefore 216 - 28 = 65280 octets. Unprotected messages are still subject to the lower default limits. The "large_record_size" flag extension MUST be negotiated together with the "record_size_limit" extension and MUST NOT be negotiated together with the "max_fragment_length" extension. A client MUST treat receipt of "large_record_size" without "record_size_limit" or together with "max_fragment_length" as a fatal error, and it SHOULD generate an "illegal_parameter" alert.