On Fri, Jul 27, 2018 at 08:00:33PM +0000, brian m. carlson wrote:
I agree that we should lower this. I happen to think the overhead
involved in 64 KiB chunks isn't that significant, but if that's a
concern, we could raise it to 1 MiB. I'd like to point out, though,
that I suggested a smaller chunk size because that's what TLS has
traditionally done: most TLS implementations don't allow the full 16 MiB
chunk size for DoS reasons.
Can you expound on this more? It does not match my understanding of the
TLS ecosystem. (Also, isn't it 16K?)
Thanks,
Ben
Even if we do allow large chunk sizes, I expect most implementations
will limit them for security and DoS reasons, in which case we'll end up
with the same effective behavior, but poorer interoperability.
On almost any reasonable system with AES acceleration, encryption
throughput is faster than disk or gigabit network, so I hardly think the
encryption overhead is painful here, even for smaller ARM systems.
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp