Re: [Nbd] STARTTLS and DH parameters and GnuTLS initialisation

To: Wouter Verhelst <w@...112...>
Cc: "nbd-general@lists.sourceforge.net" <nbd-general@lists.sourceforge.net>
Subject: Re: [Nbd] STARTTLS and DH parameters and GnuTLS initialisation
From: Alex Bligh <alex@...872...>
Date: Wed, 9 Nov 2016 22:52:25 +0000
Message-id: <7C2A91DB-6C81-4386-A096-1B31A45E3F3C@...872...>
In-reply-to: <20161109224821.x73tcjwfllqyeuo4@...3...>
References: <B6FB265D-AE20-479E-A7D1-3100CEBF0C71@...872...> <20161109224821.x73tcjwfllqyeuo4@...3...>

> On 9 Nov 2016, at 22:48, Wouter Verhelst <w@...112...> wrote:
> 
> Right. I simply took that from the example in the GnuTLS documentation,
> but I suppose you're probably right and we could do it once per
> nbd-server run rather than once per STARTTLS command. On my laptop (a
> reasonably recent Core i7) it takes about a second for the DH parameters
> to be generated (in the debugger, at least), so it's certainly something
> that might incur performance problems on less powerful hardware.

Suggest doing it once on server start up, with an option to skip it
entirely (for those on Raspberry Pis or similar)

-- 
Alex Bligh

Reply to:

References:
- [Nbd] STARTTLS and DH parameters and GnuTLS initialisation
  - From: Alex Bligh <alex@...872...>
- Re: [Nbd] STARTTLS and DH parameters and GnuTLS initialisation
  - From: Wouter Verhelst <w@...112...>

Prev by Date: Re: [Nbd] STARTTLS and DH parameters and GnuTLS initialisation
Next by Date: Re: [Nbd] Almost ready for release?
Previous by thread: Re: [Nbd] STARTTLS and DH parameters and GnuTLS initialisation
Next by thread: Re: [Nbd] [PATCH][V4] nbd: add multi-connection support
Index(es):
- Date
- Thread