[openssl-users] Record aggregation with TLS Client

Michael Wojcik Michael.Wojcik at microfocus.com
Wed Jun 22 14:54:13 UTC 2016

By "a single packet", do you mean a single TCP segment?

No, there's no way to ensure they're sent in separate TCP segments. TCP segmentation is a function of the TCP/IP stack. And your application knows nothing about it anyway; TCP is a byte-stream protocol.

Why do you think you want to do this? (When people ask this question, for TLS or any other protocol, it almost always indicates that they don't understand TCP and have a broken design. TCP is not a record-based protocol.)

Michael Wojcik
Technology Specialist, Micro Focus

From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Rajeswari K
Sent: Tuesday, June 21, 2016 23:41
To: openssl-users at openssl.org
Subject: [openssl-users] Record aggregation with TLS Client

Hello Openssl users,

Having a query on when our device acitng as TLS Client, we observed that both client certificate and client key exchange messages are going in a single packet.

Is there any way to separate this? That means is there any option to avoid multiple records in a single packet?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160622/5050e572/attachment.html>

More information about the openssl-users mailing list