[147647] in cryptography@c2.net mail archive


Re: [Cryptography] Crypto Standards v.s. Engineering habits - Was:

daemon@ATHENA.MIT.EDU (James A. Donald)
Sat Oct 12 02:21:08 2013

X-Original-To: cryptography@metzdowd.com
Date: Sat, 12 Oct 2013 13:09:37 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <52579133.3030704@iang.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 2013-10-11 15:48, ianG wrote:
> Right now we've got a TCP startup, and a TLS startup.  It's pretty 
> messy.  Adding another startup inside isn't likely to gain popularity.

The problem is that layering creates round trips, and as cpus get ever 
faster, and pipes ever fatter, round trips become a bigger and bigger 
problem.  Legend has it that each additional round trip decreases usage 
of your web site by twenty percent, though I am unaware of any evidence 
on this.

> (Which was one thing that suggests a redesign of TLS -- to integrate 
> back into IP layer and replace/augment TCP directly. Back in those 
> days we -- they -- didn't know enough to do an integrated security 
> protocol.  But these days we do, I'd suggest, or we know enough to 
> give it a try.)

TCP provides eight bits of protocol negotiation, which results in 
multiple layers of protocol negotiation on top.

Ideally, we should extend the protocol negotiation and do crypto 
negotiation at the same time.

But, I would like to see some research on how evil round trips really are.

I notice that bank web pages take an unholy long time to come up, 
probably because one secure web page loads another, and that then loads a 
script, etc.

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
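The post above argues that each layered startup (TCP, then TLS) adds round trips, and that pages which chain secure loads (page loads page loads script) pay that cost repeatedly. The following is an added example, not part of the original message or the list archive: a small Python model that counts the round trips on the critical path of such a chain under different handshake stacks. The per-layer round-trip counts are the textbook values for a fresh connection (TCP three-way handshake: 1 RTT before data; TLS 1.2 full handshake: 2 RTT; TLS 1.3: 1 RTT; TLS 1.3 resumption with 0-RTT early data: 0 RTT). The "integrated" stack, where transport and crypto are negotiated in one exchange as the post suggests, is assumed here to cost 1 RTT, the way QUIC does on a first connection. The host names and the resource chain are constructed for illustration.

```python
"""Round-trip cost model for layered connection setup (constructed example).

Models the critical path of a page that loads a chain of dependent
resources, each possibly on a new host, and counts round trips before the
last byte arrives.  Nothing here measures a real network; all numbers are
the nominal handshake costs stated in the lead-in.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Round trips each layer spends before the first application byte can go out
# on a brand-new connection.
HANDSHAKE_RTTS: Dict[str, float] = {
    "tcp": 1.0,          # SYN, SYN-ACK; client sends data with its ACK
    "tls1.2": 2.0,       # ClientHello..ServerHelloDone, ClientKeyExchange..Finished
    "tls1.3": 1.0,       # ClientHello+key_share, ServerHello..Finished
    "tls1.3-0rtt": 0.0,  # resumption with early data: replayable, so only for
                         # idempotent requests
    "integrated": 1.0,   # assumption: transport and crypto negotiated together
}

# Stacks a client might run; each is a tuple of layers that are set up in series.
STACKS: Dict[str, Tuple[str, ...]] = {
    "tcp+tls1.2": ("tcp", "tls1.2"),
    "tcp+tls1.3": ("tcp", "tls1.3"),
    "tcp+tls1.3-0rtt": ("tcp", "tls1.3-0rtt"),
    "integrated": ("integrated",),
}


@dataclass(frozen=True)
class Resource:
    name: str
    host: str
    depends_on: Optional[str]  # resource that must finish loading first, if any


def setup_round_trips(stack: str) -> float:
    """Round trips spent opening one fresh connection with the given stack."""
    return sum(HANDSHAKE_RTTS[layer] for layer in STACKS[stack])


def page_load_round_trips(resources: List[Resource], stack: str,
                          reuse_connections: bool = True) -> float:
    """Round trips until the last resource in a dependency chain has loaded.

    `resources` must be listed in dependency order (a resource after the one
    it depends on).  Each fetch costs one request/response round trip, plus
    a full handshake if no connection to that host is open yet (or always,
    when reuse_connections is False).
    """
    finish: Dict[str, float] = {}
    open_hosts = set()
    for r in resources:
        start = finish[r.depends_on] if r.depends_on else 0.0
        cost = 1.0  # request and response
        if not (reuse_connections and r.host in open_hosts):
            cost += setup_round_trips(stack)
            open_hosts.add(r.host)
        finish[r.name] = start + cost
    return max(finish.values())


def page_load_ms(resources: List[Resource], stack: str, rtt_ms: float,
                 reuse_connections: bool = True) -> float:
    """Same model expressed in milliseconds for a given network round-trip time."""
    return page_load_round_trips(resources, stack, reuse_connections) * rtt_ms


# Constructed chain in the spirit of the post: a bank page that loads a frame
# from a second host, which loads a script from a CDN, which calls an API back
# on the second host.
BANK_PAGE: List[Resource] = [
    Resource("page", "bank.example", None),
    Resource("frame", "secure.bank.example", "page"),
    Resource("script", "cdn.example", "frame"),
    Resource("api", "secure.bank.example", "script"),
]

if __name__ == "__main__":
    for stack in STACKS:
        rt = page_load_round_trips(BANK_PAGE, stack)
        print(f"{stack:16s} {rt:5.1f} RTT  {page_load_ms(BANK_PAGE, stack, 50):6.0f} ms at 50 ms RTT")
    print(f"tcp+tls1.2, no reuse: {page_load_round_trips(BANK_PAGE, 'tcp+tls1.2', False):.1f} RTT")
```

In this model the chain costs 13 round trips over TCP+TLS 1.2, 10 over TCP+TLS 1.3, and 7 with a single integrated handshake or with 0-RTT resumption; at a 50 ms round trip that is 650 ms against 350 ms before any server processing time. Two caveats the numbers hide: 0-RTT early data can be replayed by an attacker, so it is only safe for requests that are harmless when repeated, and turning off connection reuse (the `reuse_connections=False` case, 16 round trips for TLS 1.2) is what a page does when each embedded load goes to a host the browser has not yet spoken to.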
