[Cryptography] How to De-Bollocks Cryptography?
iang
iang at iang.org
Wed Aug 14 04:24:56 EDT 2024

On 13/08/2024 07:02, Phillip Hallam-Baker wrote:
>
> I don't think TLSsimple is what we need.

I think a huge mistake that is made is that people think they want a
connection-oriented protocol. Almost all applications are datagrams -
discrete packets of some length that are more or less independent of any
other packets.

Obviously, web is datagrams - each request, each page, each recursive
insert, etc. Even live voice/video is datagrams as the robust protocols
are lossy, and the normal arrangement is a subset of all the packets.
Songs and movies are just big datagrams, so write a jumbo-datagram
protocol over small datagrams, it's a month's work by a good intern.

What happens however is that people assume TCP (or TLS) for
"reliability" and don't get it. So they are forced down the path of
adding a reliable datagram protocol over the top of an unreliable
connection protocol. The end result is a mess as two complex layers
fight each other.

Nicely, nowadays, we can say - look at SPDY. (It almost exactly mirrored
the work I'd done & aired on this group a decade back called SDP1. And
has the advantage of brand and a big adoption win.)

iang

PS: an old datagram on bad connections
https://iang.org/ssl/reliable_connections_are_not.html