[openssl-dev] [openssl.org #4022] Support for RFC 6066 in OpenSSL
Shalom, Hai via RT
rt at openssl.org
Wed Aug 26 21:18:35 UTC 2015
Hello,
I'm contacting you in regards to official support of RFC 6066, specifically for the maximum fragment length negotiation feature.
In the Internet-of-Things world, the devices are very limited in memory and may not be able to support secure connections with a fragment size of up to 16KB as mandated by the RFC. In reality, many devices violate this requirement and fail if a fragment size is above some lower value (4-6K).
This extension would allow a thin client to negotiate a small fragment and improve overall memory requirements, and still be fully compliant.
As the most popular TLS library for Linux, lacking this feature on the server side makes this great feature irrelevant, and it's not desirable moving forward.
I found this patch in your web site, but it hasn't been integrated:
http://rt.openssl.org/Ticket/Attachment/49354/28294/
What is your stand with regards to officially supporting this feature in the future?
Thanks,
Hai.
----
Hai Shalom
[Description: QCA]
hshalom at qca.qualcomm.com<mailto:hshalom at qca.qualcomm.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4729 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150826/00082989/attachment-0001.png>
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list