Re: [openssl-dev] frequency and size of heartbeat requests

2017-12-12 Thread Short, Todd via openssl-dev
In the particular application where I used both TLS and DTLS, application-layer heartbeats were used, and it gave the app visibility into the connection status. I agree, TLS/DTLS Heartbeats aren’t very useful.

--
-Todd Short // tsh...@akamai.com // "One if by land, two i

Re: [openssl-dev] frequency and size of heartbeat requests

2017-12-06 Thread Hanno Böck
On Tue, 5 Dec 2017 19:21:50 + "Salz, Rich via openssl-dev" wrote:
> There is never any reason to use this in TCP-based TLS;
> that was an OpenSSL bug that enabled it there.

I opened an issue for this bug, so it can be fixed: https://github.com/openssl/openssl/issues/4856

-- Hanno Böck http

Re: [openssl-dev] frequency and size of heartbeat requests

2017-12-06 Thread Jitendra Lulla via openssl-dev
Thanks Hanno and Rich.

On Tue, 12/5/17, Hanno Böck wrote:
Subject: Re: [openssl-dev] frequency and size of heartbeat requests
To: openssl-dev@openssl.org
Cc: "Jitendra Lulla"
Date: Tuesday, December 5, 2017, 9:59 PM

On Tue, 5 Dec

Re: [openssl-dev] frequency and size of heartbeat requests

2017-12-05 Thread Hanno Böck
On Tue, 5 Dec 2017 19:14:41 + (UTC) Jitendra Lulla via openssl-dev wrote:
> Could the solution be a restricted count of HB requests along with a
> timer?

No, the solution is to disable TLS heartbeats. I actually wanted to bring this up when I recently noticed that OpenSSL still enables the

Re: [openssl-dev] frequency and size of heartbeat requests

2017-12-05 Thread Salz, Rich via openssl-dev
The purpose of the HEARTBEAT message is for DTLS applications to determine the maximum packet size and tune the application records accordingly. There is never any reason to use this in TCP-based TLS; that was an OpenSSL bug that enabled it there. The usefulness of HEARTBEAT even in DTLS is pro