[Cryptography] [cryptography] Is it time for a revolution to replace TLS?

John Kemp john at jkemp.net
Mon May 19 16:50:10 EDT 2014 

On 05/19/2014 02:06 PM, Tony Arcieri wrote:
> On Mon, May 19, 2014 at 10:13 AM, ianG <iang at iang.org
> <mailto:iang at iang.org>> wrote:
>
>     But this is not what well-written PHP programs do, IMHO, or at least
>     they do not need to do that.  A well-written program can cache the
>     entire lot, and write it out in one block.  For efficiency, for error
>     handling, and for security.  So we can call this PHP practice for what
>     it is:   bad!  no surprise there.
>
>     Bring on other examples!  I'll lay 10 to 1 that most dynamic page models
>     are really datagram models.

[...]

> That's not to say this doesn't fit your suggested messaging/datagram
> model, just that producing the page header (at the very least) prior to
> the rest of the page confers some performance advantages.

This response comes close to helping me finally explain my point of 
replying on this thread in the first place :)

The "architecture" that we have for the Web is grafted together from 
real engineering concerns about performance, melded with business 
interests, social interests, politics and a whole bunch of other stuff. 
These things led (last time) to streams over datagrams over streams...

It's not that one couldn't come up with a "clean" alternative to the 
existing architecture. It's that if one did, in order to have that 
architecture exist and persist in the real world, that architecture 
would be munged together with a lot of other things, many of which are 
yet unknown (new businesses created as a result of technical innovation?)

TLS was perfectly adapted to its environment at the time it evolved. I 
think the _environment_ would need to change still more in order for 
something else to take its place. And perhaps that means going beyond 
datagrams, or streams? And we would still need to find the 'why' for that.

- johnk

>
> --
> Tony Arcieri
>
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>

More information about the cryptography mailing list