[cabfperf] Kicking off the Certificate Contents Discussion
Wayne Thayer
wthayer at godaddy.com
Thu May 1 09:21:55 MST 2014
Thanks Tom, I've added these to the tracker and draft recommendation list (https://cabforum.org/performance-wg-issue-tracker/performance-wg-draft-recommendations/).
A Recommendation on TLS record size makes sense to me - I need to read these posts that you referenced to form an opinion on what that recommendation should be:
http://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/
http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte/
The Cached Info Extension defined in http://tools.ietf.org/html/draft-ietf-tls-cached-info-16 looks like it will provide the mechanism needed for clients to signal what certs they need from the server. I think this work belongs in the IETF TLS WG, but wonder if there are improvements that our group can contribute?
Wayne
-----Original Message-----
From: Tom Ritter [mailto:tom at ritter.vg]
Sent: Monday, April 21, 2014 2:46 PM
To: Wayne Thayer
Cc: Gervase Markham; performance at cabforum.org
Subject: Re: [cabfperf] Kicking off the Certificate Contents Discussion
On 21 April 2014 12:29, Wayne Thayer <wthayer at godaddy.com> wrote:
> Good point Gerv. I've updated the page accordingly:
>
> https://cabforum.org/performance-wg-issue-tracker/performance-wg-draft
> -recommendations/
A couple other things (maybe to put under 'Future' on the tracker?) are the Cached Info draft[0] for removing the chain completely and recommendations around the TLS record size[1].
-tom
[0] http://tools.ietf.org/html/draft-ietf-tls-cached-info-16 or a worse approach:
https://cabforum.org/pipermail/performance/2014-February/000009.html
[1] https://cabforum.org/pipermail/performance/2014-February/000008.html
More information about the Performance
mailing list