Closed Bug 1339373 Opened 9 years ago Closed 8 years ago

Reject "too much" early data sent by a client

Tracking

(Not tracked)

Status:

RESOLVED INVALID

People

(Reporter: ttaubert, Unassigned)

References

Details

Tim Taubert [:ttaubert] (inactive)

Reporter

Description

•

9 years ago

BoGo tests SkipEarlyData-TooMuchData and SkipEarlyData-HRR-TooMuchData test that a server should reject too much early data sent by a client. Boring currently defines too much starting at 16384 + 1.

Franziskus Kiefer [:franziskus]

Updated

•

9 years ago

Comment 1

•

9 years ago

I just tried to re-enable these tests, but they are somewhere between bad and awful. We currently don't have interoperability on the definition of the max_early_data_size field. It might be that I'm wrong about this and we shouldn't be calculating based on the plaintext size. I've started a thread on the tls@ietf mailing list and we'll see how that plays out.

Tim Taubert [:ttaubert] (inactive)

Reporter

Updated

•

8 years ago

Priority: -- → P3

Martin Thomson [:mt:]

Comment 2

•

8 years ago

It turns out that these tests are testing an internal feature of BoringSSL. We will never want to run those tests.

Status: NEW → RESOLVED

Closed: 8 years ago

Resolution: --- → INVALID

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Reject "too much" early data sent by a client

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

People

(Reporter: ttaubert, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Comment 2