Dutch Transport Card Broken
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Thu Jan 31 23:12:45 EST 2008
On Fri, Feb 01, 2008 at 01:15:09PM +1300, Peter Gutmann wrote:
> Victor Duchovni <Victor.Duchovni at MorganStanley.com> writes:
>
> >Jumping in late, but the idea that *TCP* (and not TLS protocol design) adds
> >round-trips to SSL warrants some evidence (it is very temping to express this
> >skepticism more bluntly).
>
> If anyone's interested, I did an analysis of this sort of thing in an
> unpublished draft "Performance Characteristics of Application-level Security
> Protocols", http://www.cs.auckland.ac.nz/~pgut001/pubs/app_sec.pdf. It
> compares (among other things) the cost in RTT of several variations of SSL and
> SSH. It's not the TCP RTTs that hurt, it's all the handshaking that takes
> place during the crypto connect. SSH is particularly bad in this regard.
Thanks, an excellent reference! Section 6.2 is most enlightening, we were
already considering adopting HPN fixes in the internal OpenSSH deployment,
this provides solid material to motivate the work...
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list