Re: Zero padding

Seems reasonable to me. Any further comment - especially (but not exclusively) from the TLS community?


On 23 Sep 2014, at 5:43 pm, Martin Thomson <> wrote:

> Regarding
> I draw your attention to
>, which
> makes the same requirements on padding that the current draft does:
> that is, must be zero, no requirements to enforce this at the receiver
> (though servers MAY validate this, which is as effective as a MUST in
> ensuring compliance).  I hold that Adam and the numerous reviewers of
> this draft from the TLS community collectively know more about this
> than I could ever hope to, and suggest that we defer to their
> collective judgment.
> I would like to close issue #602 with the single change included in
> the following PR:

Mark Nottingham

Received on Wednesday, 24 September 2014 10:26:59 UTC