Geoffroy Couprie
Geoffroy Couprie
see references: https://www.usenix.org/legacy/event/usenix04/tech/general/full_papers/brecht/brecht_html/paper.html https://people.eecs.berkeley.edu/~brewer/cs262/Pariag07.pdf
see for comparison https://natsys-lab.blogspot.fr/2014/11/the-fast-finite-state-machine-for-http.html and https://natsys-lab.blogspot.fr/2016/10/http-strings-processing-using-c-sse42.html
we already have a way to parse HTTP 1 responses, we need a way to serialize a HTTP response (previous HTTP proxy was just piping raw bytes from front to...
https://honeycomb.io/blog/2017/02/instrumenting-high-volume-services-part-1/ https://honeycomb.io/blog/2017/03/instrumenting-high-volume-services-part-2/ https://honeycomb.io/blog/2017/03/instrumenting-high-volume-services-part-3/
https://netdevconf.org/1.2/papers/ktls.pdf currently, splicing is not activated (even though a lot of code already exists for it), and it would only work for unencrypted connections. With kTLS, it could also work...
the `BufferQueue` implementation is very specific to the HTTP 1 proxy, awkward to use in the `Pipe` protocol, and probably unusable for HTTP/2. I propose the following steps: - use...
Right now, there's a high coupling between front and back sockets in most proxy implementations, especially due to the [BufferQueue implementation](https://github.com/sozu-proxy/sozu/blob/d1c43475340256d6c6f876f6e0a02806e4bf73e6/lib/src/buffer_queue.rs) and the HTTP implementation. For HTTP/2 it would be...
Right now, connections to backends are done in plain TCP. We should support connecting to backends in TLS. Issues that can appear: - certificate validation: do we use a certificate...
certificate revocation information can be obtained through the OCSP protocol, but this is typically dangerous for production deployments if it blocks the TLS handshake. Now it's possible to predownload the...
there's an external tool called [sozu-acme](https://github.com/sozu-proxy/sozu-acme) that can set up certificates in sozu. It works well but must be run manually. Now that sozu has a better futures executor in...