On Mon, 18 Aug 2008, bert hubert wrote:
On Mon, Aug 18, 2008 at 01:45:43PM -0400, Brian Dickson wrote:
The problem, I think, is TCP itself, not TCP support within
implementations. E.g. resource limits per IP address (16 bits of port
number) don't scale to current-size Internet scale.
It is possible to host >100000 connections on 1 IP address and 1 port, and
this happens in practice. Think, again, of webservers, which all have to
listen on port 80, yet support lots of clients simultaneously.
Bad example. One of the reasons we don't see more crypto per default on
web browsing is precisely the limitations of SSL/CA's on using SSL with
virtual host web sites. I'd hardly call the lack of port 443 a success
story.
Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
