[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] Re: Intent to implement DTLS
|
From: |
Simon Josefsson |
|
Subject: |
[gnutls-dev] Re: Intent to implement DTLS |
|
Date: |
Mon, 09 May 2005 12:43:03 +0200 |
|
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
Guus Sliepen <address@hidden> writes:
> Implementing it will be a bit harder than I thought at first sight. The
> problem is that internally, GNUTLS has no clear seperation between the
> layers involved in TLS, and it is heavily biased towards TCP. This
> combination is a disaster for me :). I see two ways to proceed.
Ouch.
> 1) Create copies of all handshake, record and transport layer functions
> and modify them to do DTLS instead of TLS. This means lots of code
> duplication, but at least it won't mess with the existing code.
>
> 2) "Fix" the current code by (re)introducing a clean separation between
> the handshake, record and transport layer, and remove the bias towards
> TCP. This means adding DTLS on top of it will be painless and there
> won't be lots of code duplication. However it will touch a lot of
> existing code.
>
> I strongly favour the second way, but if that means the chances of
> having it merged are nihil, I'll go with the first way.
I would not want to have the 1) situation. Duplicated code is painful
to maintain. I don't know how deep the modifications 2) would be, but
I'd vote for going that route too, even if it mean more work
initially. Perhaps Nikos has more input.
/Simon