Re: [hybi] Websocket success rates and TLS extension.
Mike Belshe <mike@belshe.com> Sun, 18 April 2010 02:09 UTC
Return-Path: <mike@belshe.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 198023A6985 for <hybi@core3.amsl.com>; Sat, 17 Apr 2010 19:09:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.722
X-Spam-Level: *
X-Spam-Status: No, score=1.722 tagged_above=-999 required=5 tests=[AWL=1.284, BAYES_40=-0.185, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CNsvyaMflQSr for <hybi@core3.amsl.com>; Sat, 17 Apr 2010 19:09:07 -0700 (PDT)
Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) by core3.amsl.com (Postfix) with ESMTP id 3FD2A3A6992 for <hybi@ietf.org>; Sat, 17 Apr 2010 19:09:06 -0700 (PDT)
Received: by pwj2 with SMTP id 2so2729780pwj.31 for <hybi@ietf.org>; Sat, 17 Apr 2010 19:08:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.143.45.15 with HTTP; Sat, 17 Apr 2010 19:08:56 -0700 (PDT)
In-Reply-To: <n2j5c902b9e1004170045if1df8e7atf67f926c1452996@mail.gmail.com>
References: <4BBAECB7.2030009@webtide.com> <n2j5c902b9e1004170045if1df8e7atf67f926c1452996@mail.gmail.com>
Date: Sat, 17 Apr 2010 19:08:56 -0700
Received: by 10.143.24.14 with SMTP id b14mr1517377wfj.346.1271556536353; Sat, 17 Apr 2010 19:08:56 -0700 (PDT)
Message-ID: <s2y2a10ed241004171908ta80078acw84c4a8e53c160e3c@mail.gmail.com>
From: Mike Belshe <mike@belshe.com>
To: Justin Erenkrantz <justin@erenkrantz.com>
Content-Type: multipart/alternative; boundary="001636e0b639a9441a04847953ac"
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] Websocket success rates and TLS extension.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Apr 2010 02:09:08 -0000
On Sat, Apr 17, 2010 at 12:45 AM, Justin Erenkrantz <justin@erenkrantz.com>wrote: > On Tue, Apr 6, 2010 at 1:11 AM, Greg Wilkins <gregw@webtide.com> wrote: > > Because TLS negotiations represent round trips, they > > don't want extra round trips for framing negotiations. > > Hence they have proposed a TLS extension to allow > > protocol negotiation during TLS handshake. > > > > http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00 > > > > This would allow a TLS connection to be negotiated > > with an application protocol and further round trips > > avoided. > > Sorry for coming back to this, but Mike's later posts reminded me of > this comment as a way to reduce round-trips. > > This is interesting, but the ID doesn't really contain a useful > description of how it would be implemented - it punts that out of > scope and that's the more critical bit, I think. I'm just not sure I > understand what the "selected_protocol" field would say at all. > > Regardless of the vagueness of this ID, doing something to optimize > latency is important. If this TLS extension makes it way into > OpenSSL, I'm sure httpd/mod_ssl could easily pick up on it. Is an > implementation available or planned? > Client & Server implementations already exist for OpenSSL. A client implementation exists for NSS. I'm not sure if these have been landed into the public repository yet, but Adam Langley is the contact on that. Mike > > I don't know how hard it is for Java servers to support TLS extensions > - I'm sure you know, Greg. =P -- justin > _______________________________________________ > hybi mailing list > hybi@ietf.org > https://www.ietf.org/mailman/listinfo/hybi >
- [hybi] Websocket success rates and TLS extension. Greg Wilkins
- Re: [hybi] Websocket success rates and TLS extens… Justin Erenkrantz
- Re: [hybi] Websocket success rates and TLS extens… Mike Belshe
- Re: [hybi] Websocket success rates and TLS extens… Justin Erenkrantz
- Re: [hybi] Websocket success rates and TLS extens… Justin Erenkrantz
- Re: [hybi] Websocket success rates and TLS extens… Greg Wilkins
- Re: [hybi] Websocket success rates and TLS extens… Julian Reschke
- Re: [hybi] Websocket success rates and TLS extens… Greg Wilkins
- Re: [hybi] Websocket success rates and TLS extens… Jamie Lokier
- Re: [hybi] Websocket success rates and TLS extens… Mike Belshe
- Re: [hybi] Websocket success rates and TLS extens… Mike Belshe