[Mono-dev] SSL Channel implementation and SslServerStream
pablosantosluac
pablosantosluac at terra.es
Mon Dec 17 15:44:07 EST 2007
Hi Sebastien,
> Converting the certificate between the minimal MS X509Certificate and
> the Mono.Security X509Certificate is a very simple process. This could
> be cached but this, alone, won't influence much performance.
Well, actually caching the line I mentioned (I've already tried with the
same sample I sent to the list last week, creating about 300 connections),
increases performance about 50%, but yes, when connections are started from
the same client.
> The key exchange does an expensive RSA operation, but it cannot be
> cached in ServerContext.
Yes, I've seen that too. I guess this is the other line I pointed.
> Now what *could* help is implementing a session cache in the
> server[1][2]. However this helps only caching a session between the
> server and a single client - you cannot share a session between multiple
> clients.
Right, this is more or less what I said, isn't it? I mean, caching somehow
the initial RSA calculation done in the X509Certificate.
> That being said the server code won't scale to support, efficiently, 350
> sessions. If you need high performance SSL code don't look at a managed
> implementation (and IMO consider hardware acceleration).
Well, that's an interesting answer. Do you mean it is better to implement a
high-perf server on C than Mono/C#? Or do you just talk about implementing a
whole SSL channel in C? If so, how? Could you point any samples? I'm not
familiar with SSL, which hw acceleration would do it better?
Thanks,
pablo
More information about the Mono-devel-list
mailing list