Re: [hybi] Websocket success rates and TLS extension.

Mike Belshe <mike@belshe.com> Sun, 18 April 2010 02:09 UTC


On Sat, Apr 17, 2010 at 12:45 AM, Justin Erenkrantz <justin@erenkrantz.com> wrote:

> On Tue, Apr 6, 2010 at 1:11 AM, Greg Wilkins <gregw@webtide.com> wrote:
> > Because TLS negotiations represent round trips, they
> > don't want extra round trips for framing negotiations.
> > Hence they have proposed a TLS extension to allow
> > protocol negotiation during TLS handshake.
> >
> >  http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00
> >
> > This would allow a TLS connection to be negotiated
> > with an application protocol and further round trips
> > avoided.
>
> Sorry for coming back to this, but Mike's later posts reminded me of
> this comment as a way to reduce round-trips.
>
> This is interesting, but the ID doesn't really contain a useful
> description of how it would be implemented - it punts that out of
> scope and that's the more critical bit, I think.  I'm just not sure I
> understand what the "selected_protocol" field would say at all.
>
> Regardless of the vagueness of this ID, doing something to optimize
> latency is important.  If this TLS extension makes its way into
> OpenSSL, I'm sure httpd/mod_ssl could easily pick up on it.  Is an
> implementation available or planned?
>

Client & Server implementations already exist for OpenSSL.  A client
implementation exists for NSS.  I'm not sure if these have been landed into
the public repository yet, but Adam Langley is the contact on that.

Mike


>
> I don't know how hard it is for Java servers to support TLS extensions
> - I'm sure you know, Greg.  =P  -- justin