Updated Protocol Specification (markdown)

Protocol-Specification.md

@@ -1,14 +1,14 @@
 ## Overview
 
-The communication between the Quasar server and clients uses Transport Layer Security (TLS) with client & server certificates. TLS provides confidentiality and data integrity between the communicating components. TLS application data packets contain the exchanged messages between a client and server. The application data consists of a 2 bytes unsigned message length and a serialized message.
+The communication between the Quasar server and clients uses Transport Layer Security (TLS) with client & server certificates. TLS provides confidentiality and data integrity between the communicating components. TLS application data packets contain the exchanged messages between a client and server. The application data consists of a 4 bytes unsigned message length and a serialized message. Although a message length of 4 bytes results in a maximum message length of 2³² bytes, a lower limit of 5 MB is enforced on the client and server side to prevent huge buffer allocation attacks from exhausting the resources of a client or server.
 
 ```
 ---------------------------------------------------------------------
 |                                                                   |
 |  TLS application data                                             |
 |      -----------------------------------------------------------  |
-|      |       2 bytes         |             x bytes             |  |
+|      |       4 bytes         |             x bytes             |  |
-|      | message length (= x)  |       serialized message        |  |
+|      |    message length     |       serialized message        |  |
 |      -----------------------------------------------------------  |
 --------------------------------------------------------------------
 ```