- From: Ilari Liusvaara <ilariliusvaara@welho.com>
- Date: Sat, 20 May 2023 10:56:47 +0300
- To: HTTP Working Group <ietf-http-wg@w3.org>
On Fri, May 19, 2023 at 02:30:50PM -0700, David Schinazi wrote: > > I agree with you that the main motivations for masking don't matter as much > when WebSocket runs over TLS or QUIC (though AEADs without random IVs allow > a collaborating client and server to predict the next keymat...). However, > it's not clear to me why the overhead of masking matters. I wouldn't expect > the XOR to be visible on CPU traces. Is this masking causing noticeable > performance issues in your environment? As note on performance, it is not just XOR (which likely will not run at anywhere close as fast as it could), it is also generating the random numbers on client side. Many secure RNGs are very inefficient when generating 4 bytes at a time. And then there is also possibility that there are other poorly visible costs, e.g., extra data copying/ buffering. -Ilari
Received on Saturday, 20 May 2023 07:56:57 UTC