[
https://issues.apache.org/jira/browse/PROTON-136?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13504682#comment-13504682
]
Rafael H. Schloming commented on PROTON-136:
--------------------------------------------
Ken: A couple comments on the API proposal.
I think given the fact that we have pn_session_t and pn_link_t elsewhere in the
API, the pn_ssl_session_t and pn_ssl_link_t names are somewhat unfortunate. ;-)
I'd also suggest that we can probably do what you're suggesting while
preserving compatibility with the current API if we split the other way, i.e.
introduce a new object for the top level and keep pn_ssl_t as the per transport
thing. For example we could introduce pn_ssl_config_t that can encapsulate all
the credential config stuff that you can currently do directly on pn_ssl_t. We
could then provide the option to configure a pn_ssl_t by supplying a
pn_ssl_config_t wholesale. We could then deprecate and later remove the
credential related stuff on pn_ssl_t also, or just leave it as convenience API
if we wish.
Affan: To answer your question, my intention would be to use this in messenger,
but probably not expose it directly as messenger doesn't provide users direct
control over or access to connections.
> Add support for SSL session resumption
> --------------------------------------
>
> Key: PROTON-136
> URL: https://issues.apache.org/jira/browse/PROTON-136
> Project: Qpid Proton
> Issue Type: New Feature
> Components: proton-c
> Affects Versions: 0.3
> Reporter: Affan Dar
> Assignee: Ken Giusti
> Labels: ssl, sslContext, sslresume
>
> Open SSL supports resumption of SSL sessions which by-pass the heavy SSL
> handshake process. This is critical for scenarios involving low powered
> devices especially on cellular data networks where bandwidth is precious.
> It would be great if Proton exposes this ssl resume feature to users. .
> From: rhs [mailto:rschlom...@gmail.com]
> Sent: Tuesday, November 13, 2012 11:34 AM
> To: Affan Dar
> Cc: David Ingham
> Subject: Re: SSL session resumption
> On Tue, Nov 13, 2012 at 8:05 PM, Affan Dar <affan...@microsoft.com> wrote:
> >>Serializing/restoring the whole session state for the messenger will work
> >>for the scenario I think.
> Ok, let's start with this step then. I'm open to providing something finer
> grained if there is a need, but my preference is to keep it simple for the
> moment.
>
> >>One more thing, RFC 5077 has another flavor of session resumption which
> >>openssl supports (original >>implemented as RFC 4057 back in 2007 I think).
> >>This allows us to resume sessions without carrying state >>on the server
> >>side which as you can imagine is a big deal for service vendors. Probably
> >>there is no API >>level impact if messenger handles the session state
> >>itself but just wanted to put this on your radar.
> Ok, good to know.
> Could one of you file a JIRA for this upstream? I'm trying to get things a
> little more organized on the process front and keep everything centralized in
> JIRA. ;-)
> --Rafael
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
