Grant Edwards <grant.b.edwa...@gmail.com> writes: > I've actually got plenty of RAM. I just can't afford the CPU time it > takes to do the public-key crypto stuff that happens each time an SSL > connection starts up.
I think you should only have to do that once, then use TLS session resumption for additional connections. There is also something called TLS-PSK in TLS 1.3. Do you mind saying the application, and what clients you have to support? What TLS stack are you using? There is generally also a way to configure browsers to limit the number of outgoing connections. I'll probably be meeting with some TLS experts tomorrow night for unrelated reasons, so I can ask them about this if you want. -- https://mail.python.org/mailman/listinfo/python-list
