<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class="">The padding may also be necessary to prevent a kind of attack, besides hiding the length. But I cannot recall the details.</div><div class=""><br class=""></div>Removing padding may not be the direction. Instead, a solution with a customizable padding length may be more flexible. Here is an enhancement request in JBS (<a href="https://bugs.openjdk.org/browse/JDK-8244983" class="">https://bugs.openjdk.org/browse/JDK-8244983</a>), please feel free to take it. <div class=""><div class=""><div class=""><br class=""></div><div class="">Xuelei<br class=""><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Nov 4, 2022, at 4:21 AM, Daniel Jeliński <<a href="mailto:djelinski1@gmail.com" class="">djelinski1@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hello,<div class="">I noticed that we're padding every TLS 1.3 record with exactly 16 zeros [1]. I'd like to remove that padding to conserve network bandwidth and processing power. Thoughts?</div><div class=""><br class=""></div><div class="">Some background:</div><div class="">- TLS 1.3 RFC [2] defines padding as a means to hide the size of the traffic. Constant-length padding does not hide it, obviously. 
The RFC does not define any padding policies ("<span style="font-size: 13.3333px;" class="">Selecting a padding policy that suggests when and how much to pad is</span><span style="font-size: 13.3333px;" class=""> a complex topic and is beyond the scope of this specification.")</span></div><div class=""><span style="font-size: 13.3333px;" class="">- OpenSSL [3] defines 2 methods to select the length of the padding block: the user may provide a callback that selects adequate padding length, or provide block length, and then every record is padded to a multiple of block length. By default OpenSSL does not pad records.</span></div><div class=""><span style="font-size: 13.3333px;" class="">- I'm not aware of any discussions around record padding on this list, which suggests that there's no demand for more complex padding schemes.</span></div><div class=""><span style="font-size: 13.3333px;" class=""><br class=""></span></div><div class=""><span style="font-size: 13.3333px;" class="">Regards,</span></div><div class=""><span style="font-size: 13.3333px;" class="">Daniel</span></div><div class=""><br class=""></div><div class="">[1] <a href="https://github.com/openjdk/jdk/blob/4cec141a90bc5d3b8ec17c024291d9c74a112cd4/src/java.base/share/classes/sun/security/ssl/OutputRecord.java#L302" class="">https://github.com/openjdk/jdk/blob/4cec141a90bc5d3b8ec17c024291d9c74a112cd4/src/java.base/share/classes/sun/security/ssl/OutputRecord.java#L302</a></div><div class="">[2] <a href="https://www.rfc-editor.org/rfc/rfc8446.html#section-5.4" class="">https://www.rfc-editor.org/rfc/rfc8446.html#section-5.4</a></div><div class="">[3] <a href="https://www.openssl.org/docs/man1.1.1/man3/SSL_set_record_padding_callback.html" class="">https://www.openssl.org/docs/man1.1.1/man3/SSL_set_record_padding_callback.html</a></div></div>
</div></blockquote></div><br class=""></div></div></div></div></body></html>