>
Flow control really, really, *really* seems like an application-layer task to me in the case of TLS. I think adding it to TLS itself would be a mistake.
This whole thread of messages kind of already concluded that this is not possible currently. You simply cannot implement proper flow control since doing so would potentially throttle writes, not just reads. You need a TLS data window to do it properly.
2018-05-19 21:42 GMT+02:00 Michael Wojcik <Michael.Wojcik@xxxxxxxxxxxxxx>:
> From: Jordan Brown [mailto:openssl@jordan.maileater.net ]
> Sent: Saturday, May 19, 2018 14:08
> To: openssl-users@xxxxxxxxxxx; Michael Wojcik; Alex H
> Subject: Re: Receive throttling on SSL sockets
> TLS could (but as far as I can tell does not) have such a mechanism. It could have a window, like TCP, where the receiver
> would say "you can send me 64K of data", and the sender wouldn't be allowed to send data (but could send control
> messages) when that window is exhausted, until the receiver reopens the window. It could have control messages like
> XON and XOFF that say "please stop sending me data (but control is OK)" and "resume sending data".
Hey, if we're all bored with reinventing TCP on top of UDP, we can reinvent TCP on top of TCP!
> It does seem like some sort of flow control would be desirable, so that the receiver doesn't have to have some way to
> handle arbitrarily large amounts of data to keep the connection healthy.
> Maybe in TLS 1.4.
Good lord, isn't TLS complicated enough already? How many pages is the new edition of /Bulletproof TLS/? (I don't know because I have it in Kindle form. But it's long. Loooooong.)
Flow control really, really, *really* seems like an application-layer task to me in the case of TLS. I think adding it to TLS itself would be a mistake.
Michael Wojcik
Distinguished Engineer, Micro Focus
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
