On Tue, 5 Dec 2017 19:21:50 +
"Salz, Rich via openssl-dev" wrote:
> There is never any reason to use this in TCP-based TLS;
> that was an OpenSSL bug that enabled it there.
I opened an issue for this bug, so it can be fixed:
thanks Hanno and Rich.
On Tue, 12/5/17, Hanno Böck <ha...@hboeck.de> wrote:
Subject: Re: [openssl-dev] frequency and size of heartbeat requests
To: openssl-dev@openssl.org
Cc: "Jitendra Lulla" <lull...@yahoo.com>
Date: Tuesda
On Tue, 5 Dec 2017 19:14:41 + (UTC)
Jitendra Lulla via openssl-dev wrote:
> Could the solution be a restricted count of HB requests along with a
> timer?
No, the solution is to disable TLS heartbeats.
I actually wanted to bring this up when I recently noticed that
The purpose of the HEARTBEAT message is for DTLS applications to determine the
maximum packet size and tune the application records accordingly. There is
never any reason to use this in TCP-based TLS; that was an OpenSSL bug that
enabled it there.
The usefulness of HEARTBEAT even in DTLS is