TLS connection reuse implementation timeline (#4089)

Eric Luehrsen ericluehrsen at
Fri Jul 6 02:49:42 UTC 2018

On 07/05/2018 06:25 PM, nusenu via Unbound-users wrote:
> Eric Luehrsen via Unbound-users:
>> If Unbound cache and prefetch parameters are configured properly,
>> they can mitigate the TLS handshake overhead.
> Unless you have a cache hit rate of 100%, cacheing and prefetching
> will not be able to compensate missing TLS connection reuse.
> (but that was not what my question was about)

Okay, the question was time line. I hope Unbound designers answer with 
an outline for time and design considerations. Whether a month or a 
year, some short term workaround may be useful. All workarounds (adjust 
cache and prefetch) are imperfect but may get by short term. At some 
reasonable cache rate, TLS connections will likely expire anyway before 
fresh data is needed. Neither server nor client will want excessive 
dangling connections. The gap in behavior may not be as big as it seems.

More information about the Unbound-users mailing list