TLS 1.3: Generate right alert for records with no content type

NEW
Unassigned

Status

P3
normal
2 years ago
a year ago

People

(Reporter: ekr, Unassigned)

Tracking

3.18

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

2 years ago
The spec says:

Implementations MUST limit their scanning to the cleartext returned
from the AEAD decryption.  If a receiving implementation does not find
a non-zero octet in the cleartext, it should treat the record as
having an unexpected ContentType, sending an "unexpected_message"
alert.


But we use bad_record_mac
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.