Ian G <[EMAIL PROTECTED]> writes:
> This is what Guus was getting at:
>
> > - We needed to tunnel data over UDP, with UDP semantics.
> >   SSL requires a reliable stream. Therefore, we had to
> >   use something other than SSL to tunnel data.

The version of SSL (which is officially called TLS) that does this is
called "DTLS". It has already existed for some time now.

> To put it in more fundamental terms, TLS assumes that what you want is
> a stream. If you want packets, then TLS is a millstone around your
> neck.

That's why you use "Datagram TLS", aka "TLS if your app needs UDP
instead of TCP".

If you want to learn more about DTLS, this Wikipedia page:

http://en.wikipedia.org/wiki/DTLS

points at the RFC, which is here:

http://tools.ietf.org/html/rfc4347

OpenSSL has had DTLS support for a while, so there is unencumbered
code for you to roll into your app for the purpose any time you like.

> Advising TLS for a packet delivery requirement is simply "wrong."

DTLS is there for packet delivery.

--
Perry E. Metzger [EMAIL PROTECTED]
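An added example, not part of the original message and not OpenSSL code: it parses the 13-byte DTLS 1.0 record header from RFC 4347 and applies a sliding anti-replay window, showing how the explicit epoch and sequence number let records arrive reordered or duplicated over UDP. The helper names (`make_record`, `parse_record`, `ReplayWindow`, `classify`) and the sample datagrams are constructed for illustration, and no encryption or MAC is performed.

```python
import struct

DTLS_1_0 = 0xFEFF                   # wire version of DTLS 1.0 (RFC 4347)
HEADER = struct.Struct("!BHHHIH")   # type, version, epoch, seq (16+32 bits), length

def make_record(epoch, seq, payload, ctype=23):
    """Build a constructed sample record (payload is not really encrypted)."""
    return HEADER.pack(ctype, DTLS_1_0, epoch, seq >> 32, seq & 0xFFFFFFFF,
                       len(payload)) + payload

def parse_record(datagram):
    """Return (ctype, epoch, seq, fragment) or raise ValueError."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    ctype, version, epoch, hi, lo, length = HEADER.unpack_from(datagram)
    if version != DTLS_1_0:
        raise ValueError("unexpected version")
    if len(datagram) < HEADER.size + length:
        raise ValueError("truncated fragment")
    return ctype, epoch, (hi << 32) | lo, datagram[HEADER.size:HEADER.size + length]

class ReplayWindow:
    """Sliding bitmap: bit i set means sequence number (top - i) was seen."""
    def __init__(self, size=64):
        self.size, self.top, self.bitmap = size, -1, 0

    def accept(self, seq):
        if seq > self.top:                       # new highest: slide the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size or (self.bitmap >> offset) & 1:
            return False                         # too old, or a duplicate
        self.bitmap |= 1 << offset               # late but new: reordering is fine
        return True

def classify(datagrams):
    """Verdict per datagram; a real stack updates the window only after the MAC verifies."""
    windows, verdicts = {}, []
    for d in datagrams:
        try:
            _, epoch, seq, _ = parse_record(d)
        except ValueError:
            verdicts.append("malformed")
            continue
        ok = windows.setdefault(epoch, ReplayWindow()).accept(seq)  # one window per epoch
        verdicts.append("accept" if ok else "replay")
    return verdicts

# Constructed arrival order: reordered (0, 2, 1), a duplicate of 2, a truncated record.
SAMPLE = [make_record(1, s, b"x") for s in (0, 2, 1, 2)] + [make_record(1, 3, b"x")[:5]]
```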