refactoring crypto handshakes (SSL in 3 easy steps)

James A. Donald jamesd at echeque.com
Tue Nov 13 20:29:14 EST 2007


Pasi.Eronen at nokia.com wrote:
 > The "extra messages" might be irrelevant for
 > cryptography, but they're not irrelevant for security
 > or functionality.
 >
 > E.g. in SSL, you have capability/feature negotiation
 > (cipher suites, trusted CAs, in TLS 1.2 also signature
 > algorithms, etc.)

You can handle this by the client making a guess, perhaps
based on past experience, as to whether its initial
request for preferred protocol is likely to be accepted,
and if it thinks it probably will be, going ahead on the
assumption it will be, rather than waiting for the round
trips to complete.
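
The optimistic approach described in the reply above, as an added example that is not part of the original post: a client caches the suite each server chose last time and sends its request alongside the hello under that guess, falling back to a second round trip when the guess is missing, wrong, or no longer allowed by client policy. The `Server` and `Client` classes, the suite labels and the round-trip accounting are assumptions made for this simulation, not any real protocol's messages.

```python
"""Constructed simulation of optimistic negotiation; all names are illustrative."""
from dataclasses import dataclass, field


@dataclass
class Server:
    name: str
    supported: list  # server preference order

    def handle(self, offered, guess, early_request):
        """Pick a suite; accept early data only if the client guessed that suite."""
        chosen = next((s for s in self.supported if s in offered), None)
        if chosen is None:
            raise ValueError("no common suite")
        accepted = early_request is not None and guess == chosen
        return chosen, accepted


@dataclass
class Client:
    acceptable: list  # suites current policy allows
    cache: dict = field(default_factory=dict)  # server name -> suite chosen last time

    def connect(self, server, request):
        """Return (suite, round_trips) for one request to `server`."""
        guess = self.cache.get(server.name)
        # Ignore a cached guess that current policy no longer allows.
        if guess not in self.acceptable:
            guess = None
        early = request if guess is not None else None
        chosen, accepted = server.handle(self.acceptable, guess, early)
        round_trips = 1  # hello (plus early request, if any) and the reply
        if not accepted:
            round_trips += 1  # request resent under the negotiated suite
        self.cache[server.name] = chosen
        return chosen, round_trips


if __name__ == "__main__":
    srv = Server("example.test", ["suite-A", "suite-B"])
    cli = Client(["suite-B", "suite-A"])
    for label in ("first contact", "cached guess"):
        print(label, cli.connect(srv, b"GET /"))
    srv.supported = ["suite-B"]  # server configuration changes
    print("stale guess", cli.connect(srv, b"GET /"))
```

In this model a wrong guess costs the same two round trips as not guessing at all, so the cache can only reduce latency; the policy check keeps a stale cache entry from steering the client toward a suite it has since disallowed.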
