Thanks, Rich. Do you have the link to the mini-conference proceedings?
Thanks
Best Regards,
Neetish
On Wed, Oct 4, 2017 at 8:58 PM, Salz, Rich via openssl-users <
openssl-users@openssl.org> wrote:
> You should look at the IETF TLS working group. Also, there was a mini
> conference, TLS Ready
Hi All,
Could you please suggest few research papers (apart from TLS 1.3 draft) on
TLS 1.3 that may b helpful to understand TLS 1.3 implementation and
performance. Is there any research available on TLS 1.3 performance
benchmarking?
Some papers which I am referring right now are:
1.
A
.com/openssl/openssl/issues/4237
>
> - The impact of the KeyShare calculation on TLS 1.3 session resumption
> (assuming most deployments will use psk_dhe_ke)
>
> - The impact of post-handshake handshake messages.
>
>
>
> Regards
>
> Roelof
>
>
>
> *From: *
Hi,
I worked on TLS 1.3 performance bench-marking. After my tests, I found that
TLS 1.3 based resumption is not giving us the connection latency benefits
when tested in a LAN environment. It is slower than TLS 1.2. When tested on
WAN, definitely, TLS 1.3 fares better than TLS 1.2.
I want your
On Tue, Aug 1, 2017 at 10:46 AM, Neetish Pathak <npath...@ncsu.edu> wrote:
>
>
> On Mon, Jul 31, 2017 at 2:00 PM, Matt Caswell <m...@openssl.org> wrote:
>
>>
>>
>> On 31/07/17 20:37, Neetish Pathak wrote:
>> > On 26/07/17 00:05, Neetish P
On Mon, Jul 31, 2017 at 2:00 PM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 31/07/17 20:37, Neetish Pathak wrote:
> > On 26/07/17 00:05, Neetish Pathak wrote:
> > >> *Pseudocode for server*
> > >>
On Mon, Jul 31, 2017 at 9:43 AM, Matt Caswell <m...@openssl.org> wrote:
> Apologies for the delayed response - I've been away on holiday. Comments
> inserted below.
>
No problem thanks for the replies
>
> Matt
>
>
> On 26/07/17 00:05, Neetish Pathak wrote:
&
Thanks Ben for your reply
On Tue, Jul 25, 2017 at 6:11 AM, Benjamin Kaduk <bka...@akamai.com> wrote:
> [Matt's reply is likely to be high latency]
>
>
> On 07/24/2017 08:53 PM, Neetish Pathak wrote:
>
>
>
> On Wed, Jul 19, 2017 at 2:27 AM, Matt Caswell <m...@ope
On Wed, Jul 19, 2017 at 2:27 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 18/07/17 22:27, Neetish Pathak wrote:
> > Hi ,
> > thanks Matt, this is helpful
> >
> >
> > One more query on how I can enable 0.5 RTT data from the server side. It
that happens only on full-handshake in ephemeral type ciphers (e.g.
ECDHE) but not in RSA type. Am I correct ?
Thanks
BR,
Neetish
On Wed, Jul 19, 2017 at 2:27 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 18/07/17 22:27, Neetish Pathak wrote:
> > Hi ,
> > t
On Mon, Jul 17, 2017 at 1:54 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 14/07/17 20:18, Neetish Pathak wrote:
> >
> >
> > On Fri, Jul 14, 2017 at 2:54 AM, Matt Caswell <m...@openssl.org
> > <mailto:m...@openssl.org>> wrote:
> >
On Fri, Jul 14, 2017 at 2:54 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 13/07/17 23:52, Neetish Pathak wrote:
> > Hi All,
> > Help with these queries please,
> >
> > 1) Is it possible to use external session files (with session info as
>
Hi All,
Help with these queries please,
1) Is it possible to use external session files (with session info as
identifiers or tickets for out of band resumption) for session resumption
in TLS 1.2. Does it need some kind of callback like the way it is used in
TLS 1.3 with
Hi All,
In case no dh params are set and ECDHE-ECDSA type cipher is used, what is
the default size of DH params (what modulus) used on TLS handshake. I see
that X25519 EC is getting used but I am not sure about DH parameters in
that case
Thanks
Best Regards,
Neetish
--
openssl-users mailing list
ing the added delay. Could someone please provide any
explanation or point me in the right direction. It is not very clear to me
right now even after seeing the RFC
Thanks
On Thu, Jul 6, 2017 at 11:40 AM, Neetish Pathak <npath...@ncsu.edu> wrote:
> Thanks for the detailed explanation Mat
On Mon, Jul 3, 2017 at 2:11 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 30/06/17 22:18, Neetish Pathak wrote:
> > Hi All,
> > Can anyone provide me pointers on how can we generate external PSK to be
> > used inTLS 1.3.
> >
> > When I s
Hi All,
Can anyone provide me pointers on how can we generate external PSK to be
used inTLS 1.3.
When I save a a session using SSL_CTX_sess_set_new_cb(), it provides an
in-band PSK for next resumption connection.
I use PEM_write_bio_SSL_SESSION to save the session.
How do we use PSK externally.
on the
client side or the server side?
Thanks
Best Regards,
Neetish
On Tue, Jun 27, 2017 at 4:56 PM, Neetish Pathak <npath...@ncsu.edu> wrote:
> Thanks
> 1) How can i load multiple private keys and certificates on the server
> side.
> I need to use different keys and certificat
the keys and certificates. Can somebody
suggest the right way to do this.
Thanks
Best Regards,
Neetish
On Tue, Jun 27, 2017 at 12:56 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 27/06/17 01:05, Neetish Pathak wrote:
> > Hi ,
> >
> > 1) I am working with a c
PSK in TLS 1.3 and false start in TLS 1.2 (for my
study purpose).
Are you planning to integrate false start in OpenSSL any time. Thanks
Thanks
Best Regards,
Neetish
On Wed, Jun 21, 2017 at 3:17 PM, Neetish Pathak <npath...@ncsu.edu> wrote:
>
>
> On Wed, Jun 21, 2017 at 3:11 AM,
On Wed, Jun 21, 2017 at 3:11 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 21/06/17 00:38, Neetish Pathak wrote:
> > I wanted to understand the replay attack vulnerability in case of enable
> > early data of TLS 1.3 while false start is secure in that respect as
,
Neetish
On Tue, Jun 20, 2017 at 11:52 AM, Neetish Pathak <npath...@ncsu.edu> wrote:
> I Appreciate your response
>
> On Tue, Jun 20, 2017 at 2:09 AM, Matt Caswell <m...@openssl.org> wrote:
>
>>
>>
>> On 19/06/17 19:11, Neetish Pathak wrote:
>> >
I Appreciate your response
On Tue, Jun 20, 2017 at 2:09 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 19/06/17 19:11, Neetish Pathak wrote:
> > 2) Can you suggest some places to put a time stamp in OpenSSL code.
>
> I agree with Ben's responses
Thanks Ben for all the replies and your comments. They are extremely useful
for my study
On Mon, Jun 19, 2017 at 9:21 PM, Benjamin Kaduk <bka...@akamai.com> wrote:
> On 06/19/2017 04:12 PM, Neetish Pathak wrote:
>
>
>
> On Mon, Jun 19, 2017 at 11:11 AM, Neetish Pathak <np
On Mon, Jun 19, 2017 at 11:11 AM, Neetish Pathak <npath...@ncsu.edu> wrote:
> Hi Matt,
> Thanks
> Could you help with following queries
>
> 1) On the blogpost for TLS1.3, you mentions the following in the session
> section
> The specification recommends that applicati
en ? I get a PSK in first connection and use it
again for all the other connections.
2) Can you suggest some places to put a time stamp in OpenSSL code.
Thanks
Best Regards,
Neetish
On Mon, Jun 19, 2017 at 5:49 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 16/06/17 23
Benjamin/Matt,
Appreciate your tips and help so far.
Could you give me any pointers for placing my timestamps within the OpenSSl
code for right measurement for handshake. I am reading through the master
code. I think since in TLS 1.3 is session tickets are sent after handshake,
it would be ok to
Thanks Matt, Appreciate ur response and tips
On Fri, Jun 16, 2017 at 3:36 PM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 16/06/17 20:08, Benjamin Kaduk via openssl-users wrote:
> > On 06/16/2017 01:58 PM, Neetish Pathak wrote:
> >> Hello
> >> Thanks
, Jun 15, 2017 at 2:30 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 14/06/17 18:36, Neetish Pathak wrote:
> >
> > My calling sequence is :
> >
> > client.connectToServer();
> >
> > client.sslTcpConnect();
> >
> > client.ssl
ess a call to SSL_CTX_set_session_id_context
is made."
That's why I thought server side session caching is disabled by default.
>
>
> On 14/06/17 02:03, Neetish Pathak wrote:
> > Thanks for your reply Salz. However, I want to know should the session
> > caching be en
leted, but it could be sometime later (or not at all)."
I think the server is not informing the session details to client at all in
my case and hence the resumption is not working. Can someone please suggest
how to resolve this.
Thanks
Best Regards,
Neetish
On Tue, Jun 13, 2017 at 6:03 PM, Neet
Thanks for your reply Salz. However, I want to know should the session
caching be enabled on server side for TLS 1.3 for session resumption.
Also, I need a clarification on how does resumption work in case of session
identifiers if server side caching is not enabled
Thanks
BR,
Neetish
On Tue,
Thanks Salz and Benjamin for your feedback. Indeed my Wireshark version was
unable to decode TLS 1.3. I got an update from the shared link.
I had one doubt about the server side session caching. I read that server
side server caching is disabled by default. Then, how is session resumption
Thanks Matt
On Thu, Jun 8, 2017 at 3:45 PM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 08/06/17 23:12, Neetish Pathak wrote:
> > Thanks.
> > I had one query regarding the TLS 1.3 implementation on server side. I
> > have a simple client server progra
t;m...@openssl.org> wrote:
>
>
> On 08/06/17 01:26, Neetish Pathak wrote:
> > Hello All,
> >
> > I am new to the Openssl community.
> > I am using the latest version of Openssl (with TLS 1.3 enabled) for
> > performance benchmarking. I wanted to know
Hello All,
I am new to the Openssl community.
I am using the latest version of Openssl (with TLS 1.3 enabled) for
performance benchmarking. I wanted to know if the session ticket support
for session resumption enabled;ed by default for OpenSSL TLS v 1.2 or it
needs to be explicitly enabled?
36 matches
Mail list logo
