[openssl-dev] [openssl.org #4065] Re: Client Hello longer than 2^14 bytes are rejected

Viktor Dukhovni openssl-users at dukhovni.org
Sat Sep 26 01:02:15 UTC 2015


On Sat, Sep 26, 2015 at 12:17:20AM +0000, Salz, Rich wrote:

> > On the other side of the coin handling very large ClientHello's is not without
> > cost and risk.
> 
> As long as it's a #define that can be changed in ssl.h (or a runtime global? Ick) we should be okay.

It would have to be more configurable than that to be worth the bother.
All sorts of "appliance" products with OpenSSL inside would
potentially some day pose a barrier to interoperability with clients
that send large HELLO messages.

I should note that server side session state can also contain a
client certificate, which is then embedded in the session ticket.
So the outer limits of current practice are somewhat bigger.

We could perhaps increase the limit from 16K to 32K bytes, just in
case that helps, and hope that the result does not expose servers
to significantly higher risk of DoS.

Or raise the issue on the TLS WG.  Are servers really expected
to support up to 128K or so of client HELLO?

-- 
	Viktor.
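The thread turns on one number: a ClientHello is a handshake message carried in TLS records of at most 2^14 bytes, so a HELLO larger than that arrives fragmented, and a server that caps the handshake message at 16K (or 32K, as proposed above) has to decide from the declared handshake length, before it buffers everything, whether to keep reading. The following is an added illustration of such a server-side check, written for this post and not OpenSSL's code; the cap `max_handshake_len`, the helper names, and the constructed ClientHello (sized with a padding extension) are all assumptions made here.

```python
import struct

TLS_HANDSHAKE = 0x16          # record content type: handshake
HS_CLIENT_HELLO = 0x01        # handshake message type: ClientHello
MAX_RECORD_PLAINTEXT = 16384  # 2^14, the per-record plaintext limit


def build_client_hello(padding_len):
    """Constructed, minimal ClientHello body (not a wire capture).
    Its size is steered with a padding extension (type 21, RFC 7685)."""
    body = b"\x03\x03" + b"\x00" * 32   # client_version TLS 1.2, 32-byte random
    body += b"\x00"                       # session_id length 0
    body += b"\x00\x02\x00\x2f"           # one cipher suite (TLS_RSA_WITH_AES_128_CBC_SHA)
    body += b"\x01\x00"                   # one compression method: null
    ext = struct.pack(">HH", 21, padding_len) + b"\x00" * padding_len
    body += struct.pack(">H", len(ext)) + ext
    return body


def wrap_handshake(msg_type, body):
    """Prepend the 4-byte handshake header: type + 24-bit length."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def fragment_into_records(handshake):
    """Split a handshake message into TLS records of at most 2^14 bytes,
    which is what a client must do for a HELLO larger than one record."""
    out = b""
    for i in range(0, len(handshake), MAX_RECORD_PLAINTEXT):
        chunk = handshake[i:i + MAX_RECORD_PLAINTEXT]
        out += bytes([TLS_HANDSHAKE]) + b"\x03\x03"
        out += struct.pack(">H", len(chunk)) + chunk
    return out


def check_client_hello(stream, max_handshake_len=16384):
    """Hypothetical server-side check: reassemble handshake records and decide
    whether the ClientHello fits the configured cap (default 16K, the limit
    discussed in the thread). Returns (accepted, declared_length); the decision
    is taken from the declared length as soon as the header is in, so an
    oversized HELLO is rejected before the rest of it is buffered."""
    buf = b""
    pos = 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, _version, rlen = struct.unpack(">BHH", stream[pos:pos + 5])
        if ctype != TLS_HANDSHAKE:
            raise ValueError("not a handshake record")
        if rlen > MAX_RECORD_PLAINTEXT:
            raise ValueError("record exceeds 2^14 bytes")
        pos += 5
        buf += stream[pos:pos + rlen]
        pos += rlen
        if len(buf) >= 4:
            hs_type = buf[0]
            hs_len = int.from_bytes(buf[1:4], "big")
            if hs_type != HS_CLIENT_HELLO:
                raise ValueError("first handshake message is not a ClientHello")
            if hs_len > max_handshake_len:
                return (False, hs_len)      # reject early; do not keep buffering
            if len(buf) >= 4 + hs_len:
                return (True, hs_len)       # complete message within the cap
    raise ValueError("stream ended before the ClientHello was complete")


if __name__ == "__main__":
    big = fragment_into_records(wrap_handshake(HS_CLIENT_HELLO, build_client_hello(20000)))
    print("16K cap:", check_client_hello(big))
    print("32K cap:", check_client_hello(big, max_handshake_len=32768))
```

A ClientHello padded to about 20K spans two records; with the 16K cap the second record is never buffered, while the 32K cap from the proposal above lets the same message through. Raising the cap therefore trades a larger per-connection buffer, held before any client authentication, against interoperability with clients that send large HELLOs, which is exactly the DoS concern raised in the post.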

