<div dir="ltr">>
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Flow control really, really, *really* seems like an application-layer task to me in the case of TLS. I think adding it to TLS itself would be a mistake.</span>
<div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">This whole thread of messages kind of already concluded that this is not possible currently. You simply cannot implement proper flow control since doing so would potentially throttle writes, not just reads. You need a TLS data window to do it properly.</span></div></div><div class="gmail_extra"><br><div class="gmail_quote">2018-05-19 21:42 GMT+02:00 Michael Wojcik <span dir="ltr"><<a href="mailto:Michael.Wojcik@microfocus.com" target="_blank">Michael.Wojcik@microfocus.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">> From: Jordan Brown [mailto:<a href="mailto:openssl@jordan.maileater.net">openssl@jordan.<wbr>maileater.net</a>]<br>
> Sent: Saturday, May 19, 2018 14:08<br>
> To: <a href="mailto:openssl-users@openssl.org">openssl-users@openssl.org</a>; Michael Wojcik; Alex H<br>
<span class="">> Subject: Re: [openssl-users] Receive throttling on SSL sockets<br>
<br>
</span><span class="">> TLS could (but as far as I can tell does not) have such a mechanism. It could have a window, like TCP, where the receiver<br>
> would say "you can send me 64K of data", and the sender wouldn't be allowed to send data (but could send control<br>
> messages) when that window is exhausted, until the receiver reopens the window. It could have control messages like<br>
> XON and XOFF that say "please stop sending me data (but control is OK)" and "resume sending data".<br>
<br>
</span>Hey, if we're all bored with reinventing TCP on top of UDP, we can reinvent TCP on top of TCP!<br>
<span class=""><br>
> It does seem like some sort of flow control would be desirable, so that the receiver doesn't have to have some way to<br>
> handle arbitrarily large amounts of data to keep the connection healthy.<br>
> Maybe in TLS 1.4.<br>
<br>
</span>Good lord, isn't TLS complicated enough already? How many pages is the new edition of /Bulletproof TLS/? (I don't know because I have it in Kindle form. But it's long. Loooooong.)<br>
<br>
Flow control really, really, *really* seems like an application-layer task to me in the case of TLS. I think adding it to TLS itself would be a mistake.<br>
<span class="im HOEnZb"><br>
Michael Wojcik<br>
Distinguished Engineer, Micro Focus<br>
<br>
<br>
<br>
</span><div class="HOEnZb"><div class="h5">-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
</div></div></blockquote></div><br></div>