Is it time to drop seccomp?
Richard Laager
rlaager at wiktel.com
Wed Feb 13 07:11:20 UTC 2019
On 2/12/19 11:52 PM, Hal Murray via devel wrote:
> I don't expect troubles from the crypto. It's the TCP/TLS that I'm suspicious
> of. TLS1.3 has lots of stuff in man pages that I don't understand about
> reusing connections. I'm pretty sure the idea is to avoid round trips when
> (re)starting a connection. It sounds like something that is likely to do
> obscure things and be hard to test.
I doubt that connection reuse is necessary for NTS-KE. It may even be
undesirable, if it results in the same session keys (which I don't know
if it does). We may want to simply turn off that feature in both the
client and server.
--
Richard
More information about the devel
mailing list