At Wed, 20 Aug 2008 11:59:48 -0700,
Alex Pankratov wrote:
> > May I ask what you're trying to accomplish? Recall that TLS doesn't
> > start until a TCP connection has been established, so there's
> > already a proof of the round trip.
> >
> > That said, a mechanism of this type has already been described
> > for DTLS (RFC 4347), so no new invention would be needed.
>
> My comment was in a context of a thread discussing Obfuscated TCP.
>
> One of the suggestions was to piggyback SSL handshake on TCP
> handshake, to which someone pointed at an issue with SYN-flood
> like DoS attacks. My response was to the latter comment.

Well, as I stated in the original discussion on obfuscated TCP (on
TCPM), I'm not convinced that the latency problem is that severe, and
if it is there are a number of potential performance improvements one
could make to TLS before one started screwing around with TCP.

-Ekr
