[cap-talk] A petname toolbar for Firefox
Mark Miller
markm at cs.jhu.edu
Mon Feb 21 11:46:50 EST 2005
Ian G wrote:
> Payments are transaction elements, and should be
> treated as datagrams for reliability purposes. TLS
> is a connection-oriented protocol (over TCP/IP) so
> it suffers unreliability artifacts at a couple of edge
> cases.
What edge cases?
> A reliable application must overcome those,
> so the end result of using a connection oriented
> protocol is that you have to layer datagrams over
> a connection protocol. Why bother?
1) To amortize the public key operations and the handshake that's needed to
get from public keys to MITM-resistant shared secret keys.
2) To allow later transaction requests on the same connection to rely on the
guarantee that they won't be delivered unless all earlier requests sent on the
same connection were already delivered.
> Once you've
> secured the payments at the datagram level, just
> send a UDP packet.
Do you propose to separately sign each UDP packet? Are you arguing that this
is cheaper?
> The only reason to use TLS for a packet oriented
> application like payments would be the convenience
> of having all the crypto done for you. But you pay
> a steep price for that, in terms of reliability.
I don't get it. What price?
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list