PleasantMachine9

Results 11 comments of PleasantMachine9

# Testing the grpcbox client

I used the grpc/examples/python/helloworld:

* https://github.com/grpc/grpc/blob/master/examples/protos/helloworld.proto copied into the `./proto` dir, then ran `rebar3 grpc gen proto/helloworld.proto`,
* Used server: https://github.com/grpc/grpc/blob/master/examples/python/helloworld/greeter_server.py and changed `server.add_insecure_port('[::]:50051')` to...

> src/grpcbox_subchannel.erl Since the server side does not work with unix sockets (in this PR), not sure how this could be tested in-repo.

On the topic of testing difficulties in-repo, I did make an experimental commit for the server-side support too out of curiosity, but it seems quite a bit more complicated than client...

Some short initial comments below. It's a bit disorganised because it's hard to collect all details. In the current impl. proposal, the TLS sessions would live on the HTTPSConnection level,...

### Should we be setting OP_NO_TICKET on all connections in v1.25.x (cc @tiran) to mitigate servers sending us tickets we drop on the floor?

It makes no sense to allow...

> The majority of servers at least supports TLS 1.3. There is no OpenSSL, BoringSSL or NSS version without TLS 1.3 support that is supported by upstream. I see two...

The SSLContext objects are saved between reconnections already in the current `urllib3` impl, based on the code (on HTTPSConnection level, not pool level). On TLSv1.3, you are right, it looks...

So to sum up current points about the original topic

> TLS session resumption is tricky to use with TLS 1.2. IIRC clients should only use a ticket when the...

> ChaCha20 is a stream cipher, and I have not seen any stream cipher being used for full disk encryption. Due to FDE constraints, using stream cipher for FDE is...

Also, regarding adiantum, **even on an AMD Ryzen CPU it is 4-10x faster than AES-256-XTS for 4096 block size** (according to their benchmark tool run locally (with software-only instructions)~~, so it's...