Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: oversized TLS ClientHello #24

Open
gaukas opened this issue Feb 26, 2024 · 0 comments
Open

feat: oversized TLS ClientHello #24

gaukas opened this issue Feb 26, 2024 · 0 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@gaukas
Copy link
Contributor

gaukas commented Feb 26, 2024

Google Chrome 122 (or maybe earlier) started to send an oversized TLS ClientHello if Kyber768-based PQ Key Share has been enabled.

In terms of QUIC, the TLS ClientHello will be broken into several pieces, a fix-sized (~1200B) large piece with offset 0 and other smaller pieces with random length/offset. The fix-sized large chunk was send in the first initial packet as the only frame in the packet, and the rest of the chunks are send in the second packets with other frames (PING/PADDING).
@gaukas gaukas added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels Feb 26, 2024
@gaukas gaukas pinned this issue Jul 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gaukas