[openssl-project] Potentially adding TLS record header to TLS 1.3 AAD

[Benjamin Kaduk]

Hi all,

There's a pull request open against the TLS 1.3 spec to include the
record header in the AAD for record protection
(https://github.com/tlswg/tls13-spec/pull/1158).  We're somewhat on
the fence about this, with the main advantage seeming to be for DTLS
and not plain TLS, but it would probably still be useful to have
some sense for how hard it would be to implement.  Matt, do you have
any thoughts off the top of your head?

Thanks,

Ben