Hi,
I want to propose a base draft enhancement for UDP transport:
When a RELOAD request and response is exchanged between two and only two
peers (single hop, no forwarding peer) using DTLS/UDP, the responding
peer should have the option of sending both the ACK frame for the
request and the DATA frame of the response (or its first fragment) in a
single DTLS/UDP packet. Therefore, the combined PDU before DTLS
encryption will be:
[ACK frame]
[DATA frame]
[RELOAD header]
[RELOAD message]
[Security block]
or
[ACK frame]
[DATA frame]
[RELOAD header]
[First message fragment]
The logical order of the combined PDU is identical to that of a TLS/TCP
response if you take D/TLS and fragmentation out of the picture, so the
impact on programming complexity is small. The benefits are obvious: 50%
reduction in network traffic, encryption, decryption, etc.
A while ago, I proposed another single hop enhancement, which says that
the security block of a single hop request and response may be left
empty, because both parties are authenticated on the TLS and DTLS level.
Both of these single hop enhancements should be considered and
reconsidered. Please make your opinions known.
Thank you
Michael Chen
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
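
The following is an added example, not part of the original post or of any RELOAD implementation: a receiver-side parser that walks a decrypted DTLS payload holding the proposed [ACK frame][DATA frame] pair and rejects truncated or over-long frames. The byte layout (type 128 = data, 129 = ack, 32-bit sequence numbers, 24-bit message length) is an assumption taken from the framing definition in RFC 6940; the function names and sample bytes are constructed for illustration.

```python
import struct

DATA, ACK = 128, 129  # FramedMessageType values (assumed, per RFC 6940 framing)

class FrameError(ValueError):
    """Raised when the payload does not hold well-formed frames."""

def parse_frames(payload: bytes):
    """Split one decrypted DTLS payload into the framed messages it carries."""
    frames, off = [], 0
    while off < len(payload):
        ftype = payload[off]
        off += 1
        if ftype == ACK:
            # ack: uint32 ack_sequence, uint32 received (bitmask)
            if len(payload) - off < 8:
                raise FrameError("truncated ACK frame")
            ack_seq, received = struct.unpack_from("!II", payload, off)
            off += 8
            frames.append(("ack", ack_seq, received))
        elif ftype == DATA:
            # data: uint32 sequence, then a 24-bit length and the message bytes
            if len(payload) - off < 7:
                raise FrameError("truncated DATA header")
            (seq,) = struct.unpack_from("!I", payload, off)
            length = int.from_bytes(payload[off + 4:off + 7], "big")
            off += 7
            # Never trust the declared length beyond what was actually received.
            if length > len(payload) - off:
                raise FrameError("DATA length exceeds datagram")
            frames.append(("data", seq, payload[off:off + length]))
            off += length
        else:
            raise FrameError(f"unknown frame type {ftype}")
    return frames

def build_ack(ack_seq: int, received: int) -> bytes:
    return struct.pack("!BII", ACK, ack_seq, received)

def build_data(seq: int, message: bytes) -> bytes:
    return struct.pack("!BI", DATA, seq) + len(message).to_bytes(3, "big") + message

# Constructed sample: ACK for request sequence 7, followed by DATA sequence 1 whose
# body stands in for [RELOAD header][RELOAD message][Security block].
RESPONSE = b"<constructed RELOAD response bytes>"
COMBINED = build_ack(7, 0) + build_data(1, RESPONSE)

if __name__ == "__main__":
    for frame in parse_frames(COMBINED):
        print(frame)
```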