TLS connection reuse implementation timeline (#4089)
Eric Luehrsen
ericluehrsen at gmail.com
Fri Jul 6 02:49:42 UTC 2018
On 07/05/2018 06:25 PM, nusenu via Unbound-users wrote:
> Eric Luehrsen via Unbound-users:
>> If Unbound cache and prefetch parameters are configured properly,
>> they can mitigate the TLS handshake overhead.
>
> Unless you have a cache hit rate of 100%, cacheing and prefetching
> will not be able to compensate missing TLS connection reuse.
>
>
> (but that was not what my question was about)
Okay, the question was time line. I hope Unbound designers answer with
an outline for time and design considerations. Whether a month or a
year, some short term workaround may be useful. All workarounds (adjust
cache and prefetch) are imperfect but may get by short term. At some
reasonable cache rate, TLS connections will likely expire anyway before
fresh data is needed. Neither server nor client will want excessive
dangling connections. The gap in behavior may not be as big as it seems.
More information about the Unbound-users
mailing list