
Re: How to download over https



Pascal Hambourg wrote:
> On 18/06/2016 18:19, Dan Purgert wrote:
>> Pascal Hambourg wrote:
>>> On 17/06/2016 21:52, Jochen Spieker wrote:
>>>> Pascal Hambourg:
>>>>>
>>>>> Hmm. I don't know how SSL works, but HTTPS runs on top of TCP so I doubt
>>>>> that it cares about IP packet size. The task of splitting the TCP payload
>>>>> stream into IP packets is done by the TCP layer.
>>>>
>>>> Sure, but if your encryption scheme wastes payload in your packets you
>>>> have more overhead for TCP/IP headers in each packet.
>>>
>>> Why would encryption increase the payload size?
>>> Disk encryption with dm-crypt does not (except for the LUKS header).
>>
>> Because most encryption schemes use a standard blocksize (let's say 64
>> bytes), and those 'encrypted blocks' do not fit well into the max
>> payload size of a packet.
>>
>> More packets = more overhead.
>
> Again, why would whole encrypted blocks need to fit in packets? TCP is
> a stream-oriented transport protocol, so the encryption block size and 
> boundary does not matter.

Because the TCP "stream" is still encapsulated in IP packets / Ethernet
frames, and you cannot simply "break" an encrypted block at some
arbitrary point in order to make it fit nicely in the packet / frame.

-- 
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| 
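
A simplified size model of the two effects discussed in this thread, padding to a cipher block size and TCP cutting the resulting byte stream into segments; this is an added example, not code from any of the posters. The 64-byte block is the thread's own "let's say" figure, while the 1460-byte MSS and 40 header bytes per packet are assumptions, and no real TLS record framing (record header, IV, MAC) is modelled.

```python
BLOCK = 64        # block size from the thread's "let's say 64 bytes" (hypothetical)
MSS = 1460        # assumed: 1500-byte MTU minus 20-byte IP and 20-byte TCP headers
HEADERS = 40      # assumed IP + TCP header bytes per packet, no options

def pad_to_block(data: bytes, block: int = BLOCK) -> bytes:
    """PKCS#7-style padding: always adds between 1 and `block` bytes."""
    n = block - len(data) % block
    return data + bytes([n]) * n

def segment(stream: bytes, mss: int = MSS) -> list[bytes]:
    """Cut the byte stream every `mss` bytes, the way TCP fills segments."""
    return [stream[i:i + mss] for i in range(0, len(stream), mss)]

def straddling_blocks(total: int, block: int = BLOCK, mss: int = MSS) -> int:
    """Count segment boundaries that land inside a block, not between two."""
    return sum(1 for cut in range(mss, total, mss) if cut % block)

def summarize(payload: bytes) -> dict:
    padded = pad_to_block(payload)
    plain_segs, padded_segs = segment(payload), segment(padded)
    return {
        "padded_len": len(padded),
        "packets_plain": len(plain_segs),
        "packets_padded": len(padded_segs),
        "header_bytes_padded": len(padded_segs) * HEADERS,
        "straddling": straddling_blocks(len(padded)),
        # The receiver's TCP stack hands back the same byte stream,
        # so block boundaries are recovered after reassembly.
        "reassembles": b"".join(padded_segs) == padded,
    }

if __name__ == "__main__":
    for size in (1460, 100_000):          # constructed sample payload sizes
        print(size, summarize(bytes(size)))
```
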

