diff --git a/transports/meeklite/transport.go b/transports/meeklite/transport.go
index 85da3e20ebbe57ee5b81d8c1e5e9d17b037373fc..8ea865fffb875bcdf52a466861c1b79807f199cf 100644
--- a/transports/meeklite/transport.go
+++ b/transports/meeklite/transport.go
@@ -149,7 +149,15 @@ func (rt *roundTripper) dialTLS(network, addr string) (net.Conn, error) {
 log.Warnf("meek_lite - HPKP disabled for host: %v", host)
 }

- conn := utls.UClient(rawConn, &utls.Config{ServerName: host, VerifyPeerCertificate: verifyPeerCertificateFn}, *rt.clientHelloID)
+ conn := utls.UClient(rawConn, &utls.Config{
+ ServerName: host,
+ VerifyPeerCertificate: verifyPeerCertificateFn,
+
+ // `crypto/tls` gradually ramps up the record size. While this is
+ // a good optimization and is a relatively common server feature,
+ // neither Firefox nor Chromium appear to use such optimizations.
+ DynamicRecordSizingDisabled: true,
+ }, *rt.clientHelloID)
 if err = conn.Handshake(); err != nil {
 conn.Close()
 return nil, err
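Review bot: The comment above `DynamicRecordSizingDisabled: true` describes what `crypto/tls` does but leaves the reason implicit: TLS record lengths are visible on the wire, so a ramp-up pattern the imitated browser does not produce would undercut the ClientHello mimicry selected by `*rt.clientHelloID`. I would say so directly, for example `// Record sizes are visible to a network observer; keep them consistent with the browser that clientHelloID imitates.` The Firefox/Chromium statement is hedged with "appear to" and carries no version or date, so recording which releases were checked would let a later maintainer re-verify it. The option is set unconditionally; if `clientHelloID` can ever name a non-browser profile, that case may want the default behaviour. That is a question rather than a finding, since the callers are not visible here and `dialTLS` starts above and ends below the hunk.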