Re: [TLS] Record header size?
Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 18 November 2015 01:41 UTC

Short, Todd <tshort@akamai.com> writes:

>To be honest, it’s always kinda bugged me that SSL/TLS uses a 5-byte header,
>coming from my embedded network system background.
>
>[...]

+1. I wrote about this problem years ago in "Performance Characteristics of
Application-level Security Protocols",
https://www.cs.auckland.ac.nz/~pgut001/pubs/app_sec.pdf, see the section
"Interaction with Encryption Hardware" for more. It doesn't name any names
since I could only use public sources, but was based on discussions with
hardware vendors.

Mind you, TLS is almost pleasant compared to the crazy calisthenics you have
to go through to deal with SSH data. You basically can't do SSH's crypto
efficiently...

Peter.