As stated in [1], DTLS sliding window should always advance not to drop 'too new' records. This also conforms to RFCs [2. 3]. A patch for this by David Woodhouse for GnuTLS (which shares part of DTLS sliding window implementation) is available at [1].
As stated in [1], DTLS sliding window should always advance not to drop 'too new' records. This also conforms to RFCs [2. 3]. A patch for this by David Woodhouse for GnuTLS (which shares part of DTLS sliding window implementation) is available at [1].
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1370881#c12 [2] https://tools.ietf.org/html/rfc4303#section-3.4.3 [3] https://tools.ietf.org/html/rfc6347#section-4.1.2.6