[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Question on layering

From: Paul Crowley
Subject: Re: [Monotone-devel] Question on layering
Date: Thu, 22 Feb 2007 16:47:40 +0000
User-agent: IceDove (X11/20061220)

Ethan Blanton wrote:
Paul Crowley spake unto us the following wisdom:
What proportion of the network traffic is MAC packets? That will go down when we switch to SSL.

There are no MAC "packets"; there is a MAC appended to every
higher-layer netsync object.  For small objects, that would be
nontrivial overhead.

That's what I meant. So a significant proportion of the stream is MAC; SSL would reduce our bandwidth demands noticeably. That sounds good.

However, as was discussed when the HMAC went in, SSL stream
authentication sort of solves a different problem from an HMAC on each
netsync entity.  It's not clear that one should go away in favor of
the other, at least to me.

It looks to me like they solve exactly the same problem - what do you see as the difference? The HMAC packets in Monotone are (slightly imperfectly) calculated to ensure not just that each individual packet is authentic, but that the stream of packets is authentic (ie came in that order with no gaps). SSL would authenticate the stream of bytes directly before it was broken up into packets, but the effect is exactly the same, isn't it?
\/ o\ Paul Crowley, address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]