- From: Willy Tarreau <w@1wt.eu>
- Date: Thu, 19 Jul 2012 12:17:10 +0200
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Roberto Peon <grmocg@gmail.com>, Paul Hoffman <paul.hoffman@gmail.com>, Phillip Hallam-Baker <hallam@gmail.com>, grahame@healthintersections.com.au, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Mike Belshe <mike@belshe.com>
On Thu, Jul 19, 2012 at 10:08:04AM +0000, Poul-Henning Kamp wrote: > In message <20120719093901.GB16208@1wt.eu>, Willy Tarreau writes: > > >TLS is a valid transport [...] > > Am I the only one who think we should be able to mix protected > and unprotected transactions on the same TCP stream ? No you're not the only one, I like it too, as well as I'd like to ensure that websocket and HTTP can share the same TCP connection as well. > I really don't see why the user should have to open a new connection > just because they want to log into a site, and it would allow > proxies, gateways and routers to use fewer connections more > efficiently. In fact, mixing streams saves TCP connections. However, processing encryption on a stream is always expensive as it requires data copy at the software level. If we one day support datagram-based transport (which I hope for many reasons), then I'd favor splitting the streams so that we can rely on the NIC's ability to encrypt datagrams at a zero cost. Regards, Willy
Received on Thursday, 19 July 2012 10:17:40 UTC