Gutmann Soundwave Therapy
Perry E. Metzger
perry at piermont.com
Fri Feb 1 14:52:44 EST 2008
Ian G <iang at systemics.com> writes:
> This is what Guus was getting at:
>
> - We needed to tunnel data over UDP, with UDP semantics.
> SSL requires a reliable stream. Therefore, we had to
> use something other than SSL to tunnel data.

The version of SSL (which is officially called TLS) that does this is
called "DTLS". It has already existed for some time now.

> To put it in more fundamental terms, TLS assumes that what you want is
> a stream. If you want packets, then TLS is a millstone around your
> neck.

That's why you use "Datagram TLS", aka "TLS if your app needs UDP
instead of TCP".

If you want to learn more about DTLS, this Wikipedia page:
http://en.wikipedia.org/wiki/DTLS
points at the RFC, which is here:
http://tools.ietf.org/html/rfc4347

OpenSSL has had DTLS support for a while, so there is unencumbered
code for you to roll into your app for the purpose any time you like.

> Advising TLS for a packet delivery requirement is simply "wrong."

DTLS is there for packet delivery.

--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
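
Added example, not part of the original post and not OpenSSL code: a sketch of the DTLS 1.0 record header from RFC 4347, whose explicit epoch and sequence number let each datagram be processed on its own, together with the sliding-window replay check from section 4.1.2.5 of that RFC. The names parse_record, ReplayWindow, make_record and deliver are hypothetical, the sample records are constructed, and payloads are unencrypted placeholders (a real receiver verifies the MAC before updating the window and keeps one window per epoch).

```python
import struct

DTLS1_VERSION = 0xFEFF  # DTLS 1.0 as it appears on the wire (RFC 4347)
HEADER = struct.Struct("!BHHHIH")  # type, version, epoch, seq high 16, seq low 32, length

def parse_record(datagram):
    """Return (content_type, epoch, seq, fragment) for the first record in a datagram."""
    if len(datagram) < HEADER.size:
        raise ValueError("short record header")
    ctype, version, epoch, seq_hi, seq_lo, length = HEADER.unpack_from(datagram)
    if version != DTLS1_VERSION:
        raise ValueError("not a DTLS 1.0 record")
    fragment = datagram[HEADER.size:HEADER.size + length]
    if len(fragment) != length:
        raise ValueError("truncated fragment")
    return ctype, epoch, (seq_hi << 32) | seq_lo, fragment

class ReplayWindow:
    """64-entry sliding window over record sequence numbers."""
    SIZE = 64
    def __init__(self):
        self.top = -1    # highest sequence number accepted so far
        self.bitmap = 0  # bit i set means (top - i) was already seen
    def accept(self, seq):
        # Lost records leave gaps; reordered ones are accepted inside the window.
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.SIZE) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.SIZE or (self.bitmap >> offset) & 1:
            return False  # too old, or a replayed record
        self.bitmap |= 1 << offset
        return True

def make_record(seq, payload, epoch=1, ctype=23):
    # Constructed sample record; content type 23 is application_data.
    return HEADER.pack(ctype, DTLS1_VERSION, epoch, seq >> 32, seq & 0xFFFFFFFF, len(payload)) + payload

def deliver(datagrams):
    window, out = ReplayWindow(), []
    for d in datagrams:
        _, _, seq, _ = parse_record(d)
        out.append((seq, window.accept(seq)))
    return out

SAMPLE = [make_record(s, b"x") for s in (0, 2, 1, 2, 5)]  # reordered, replayed, with loss
```

Running deliver(SAMPLE) shows the reordered record 1 accepted, the second copy of record 2 rejected, and the loss of records 3 and 4 having no effect on record 5.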