Mailing List Archive

From:: Kirill A. Korinsky <kirill@korins.ky>
Subject:: Re: tcpbench + tls
To:: Theo Buehler <tb@theobuehler.org>
Cc:: Jan Klemkow <jan@openbsd.org>, tech@openbsd.org
Date:: Wed, 24 Jul 2024 13:22:48 +0200

Download raw body.

Thread

2024-07-24 07:19 Jan Klemkow:
tcpbench + tls
- 2024-07-24 08:34 Theo Buehler:
  tcpbench + tls
- - 2024-07-24 11:22 Kirill A. Korinsky:
    tcpbench + tls
  - 2024-08-02 20:55 Jan Klemkow:
    tcpbench + tls
  - - 2024-08-02 21:04 Jan Klemkow:
      tcpbench + tls

On Wed, 24 Jul 2024 10:34:19 +0200,
Theo Buehler <tb@theobuehler.org> wrote:
> 
> I think a first step should require the operator to point the server at
> cert/key PEM files (which could be generated per ssl(8), easyrsa/mkcert/...
> from acme-client or whatever other source).
>

Also, used Certificate may change used Cipher that may has some effect on
handshake time. Special if it leads to ECC vs RSA, or RSA with larger modulo.

-- 
wbr, Kirill

2024-07-24 07:19 Jan Klemkow:
tcpbench + tls
- 2024-07-24 08:34 Theo Buehler:
  tcpbench + tls
- - 2024-07-24 11:22 Kirill A. Korinsky:
    tcpbench + tls
  - 2024-08-02 20:55 Jan Klemkow:
    tcpbench + tls
  - - 2024-08-02 21:04 Jan Klemkow:
      tcpbench + tls