Closed Bug 1647752 Opened 4 years ago Closed 4 years ago

Update DTLS 1.3 to draft-38

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.55

People

(Reporter: kjacobs, Assigned: kjacobs)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1647752 - Update DTLS 1.3 implementation to draft-38. 4 years ago Kevin Jacobs [:kjacobs] 47 bytes, text/x-phabricator-request		Details \| Review

Kevin Jacobs [:kjacobs]

Assignee

Description

•

4 years ago

•

Edited

Tracking update from -34 to -38.

Kevin Jacobs [:kjacobs]

Assignee

Comment 1

•

4 years ago

•

Edited

Attached file Bug 1647752 - Update DTLS 1.3 implementation to draft-38. — Details

This patch updates DTLS 1.3 to draft-38. Specifically:

ssl_ct_ack value changes from 25 to 26.
AEAD limits in tls13_UnprotectRecord enforce a maximum of 2^36-1 (as we only support GCM/ChaCha20 AEADs) decryption failures before the connection is closed.
Post-handshake authentication will no longer be negotiated in DTLS 1.3. This allows us to side-step the more convoluted state machine requirements.

Kevin Jacobs [:kjacobs]

Assignee

Comment 2

•

4 years ago

https://hg.mozilla.org/projects/nss/rev/132a87fc8689254a3fe0aada4a9c4031f78763c6

Status: ASSIGNED → RESOLVED

Closed: 4 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Update DTLS 1.3 to draft-38

Categories

(NSS :: Libraries, enhancement, P1)

Tracking

(Not tracked)

People

(Reporter: kjacobs, Assigned: kjacobs)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Attachment

General

Description

File Name

Content Type