<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
I should make it clear that I don't have a stake here. Lack of flow
control hasn't caused me problems personally, and I'm not
responsible for implementing and maintaining a TLS infrastructure.
This is purely an intellectual exercise for me.<br>
<br>
There were comments suggesting that, because TLS is an
ordered-byte-stream protocol that needs control messages in both
directions at all times, TLS couldn't support flow control. That
seems clearly wrong; it clearly could. (As you say, we could just
layer TCP on top of it.)<br>
<br>
Should it? My mild feeling is "yes", since it's already got a
record and control message structure and so it wouldn't be necessary
to invent another protocol on top of it. Yes, that makes TLS more
complicated, but would it be any more complicated than an additional
application-visible layer would be? It seems like the answer is
that any complexity from a TLS-layer implementation would be
primarily in the TLS implementation, whereas an additional layer
would necessarily impose complexity on the application, over and
above the complexity of the flow control implementation itself.<br>
<pre class="moz-signature" cols="72">--
Jordan Brown, Oracle Solaris</pre>
</body>
</html>