[mnet-devel] EGTPv2 related
Zooko
zooko at zooko.com
Sat May 31 23:16:06 BST 2003
I still intend to invent my own crypto protocol someday. You can even read
various notes about it here:
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/mnet/mnet_new/doc/EGTPv2_Architecture.txt?rev=HEAD&only_with_tag=HEAD&content-type=text/vnd.viewcvs-markup
(Note: those notes are raw scribbles and the protocol sketched might be full
of holes.)
The desiderata listed therein explain why I think someone might someday
consider using my protocol instead of SSL/TLS. (Hm. Actually Desideratum A
isn't really explained at all, and that one is the real raison d'etre...)
What you wrote about state management ties into desideratum A though.
So I agree that state management is a motivating reason, but also that SSL
could (and maybe already has, for all I know) grow the ability to store crypto
session state separately from the connection.
(I know that SSL implementations typically offer "session caching", which does
this, but it seems to be intended entirely for performance reasons and not for
the reason of making the session state part of the security guarantee offered
to the programmer...)
--Z
> Does the setup and state maintenance costs for keeping a large amount
> of connections open and in-progress count? I am thinking of, to pick a
> random example, many-to-many communication that resembles UDP in
> payload size/frequency but which need some of the features that TCP
> offers. In these cases you either end up rebuilding TCP mechanisms on
> top of UDP packets or tweaking the TCP-based protocol to strip out some
> of the unnecessary overhead. I am not saying that this is a
> "convincing" argument, and it is probably one that is getting to be
> less and less convincing as pipes get bigger and SSL toolkits/modules
> becomes simpler and more convenient to take advantage of, but there is
> still a point to be made for application-specific protocols.
-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
mnet-devel mailing list
mnet-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mnet-devel
More information about the Mnet-devel
mailing list