[Mono-dev] SSL Channel implementation and SslServerStream
pablosantosluac at terra.es
Mon Dec 17 15:44:07 EST 2007
> Converting the certificate between the minimal MS X509Certificate and
> the Mono.Security X509Certificate is a very simple process. This could
> be cached but this, alone, won't influence much performance.
Well, actually caching the line I mentioned (I've already tried with the
same sample I sent to the list last week, creating about 300 connections),
increases performance about 50%, but yes, when connections are started from
the same client.
> The key exchange does an expensive RSA operation, but it cannot be
> cached in ServerContext.
Yes, I've seen that too. I guess this is the other line I pointed.
> Now what *could* help is implementing a session cache in the
> server. However this helps only caching a session between the
> server and a single client - you cannot share a session between multiple
Right, this is more or less what I said, isn't it? I mean, caching somehow
the initial RSA calculation done in the X509Certificate.
> That being said the server code won't scale to support, efficiently, 350
> sessions. If you need high performance SSL code don't look at a managed
> implementation (and IMO consider hardware acceleration).
Well, that's an interesting answer. Do you mean it is better to implement a
high-perf server on C than Mono/C#? Or do you just talk about implementing a
whole SSL channel in C? If so, how? Could you point any samples? I'm not
familiar with SSL, which hw acceleration would do it better?
More information about the Mono-devel-list