[Mono-bugs] [Bug 78075][Nor] Changed - Mono SSL stack performance/tuning issues

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Wed Apr 12 18:04:54 EDT 2006


Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by aidan at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=78075

--- shadow/78075	2006-04-12 17:13:50.000000000 -0400
+++ shadow/78075.tmp.30848	2006-04-12 18:04:54.000000000 -0400
@@ -294,6 +294,23 @@
 
 (*) there is no API to do so but in theory you could limit the client
 list of ciphers (down to a single one if required), then the server 
 would have the choice to (a) use that or (b) fail.
 
 p.s. I'm still curious about the cipher selection done using 6.6.2 :)
+
+------- Additional Comments From aidan at ximian.com  2006-04-12 18:04 -------
+The "best" cipher is the industry standard at the highest bit strength
+available.
+
+The server should not, normally, pick a suboptimal cipher at a
+suboptimal bit strength because it "knows" that the clients
+implementation is not fast "enough" for the client to saturate its
+network interface. If it's not acceptable for the current
+implementation to use it for the use case, it should not offer it in
+the first place. 
+
+If we're not going to optimise the implementation sufficently (and i
+realise that fast crypto is hard, but it's somewhat critical to modern
+network applications, and who writes an app that isn't network aware
+these days?) we should really at least add the possibility of removing
+it from the list.


More information about the mono-bugs mailing list