Re: [openssl-dev] frequency and size of heartbeat requests

On Tue, 5 Dec 2017 19:21:50 + "Salz, Rich via openssl-dev" wrote: > There is never any reason to use this in TCP-based TLS; > that was an OpenSSL bug that enabled it there. I opened an issue for this bug, so it can be fixed:

Re: [openssl-dev] frequency and size of heartbeat requests

thanks Hanno and Rich. On Tue, 12/5/17, Hanno Böck <ha...@hboeck.de> wrote: Subject: Re: [openssl-dev] frequency and size of heartbeat requests To: openssl-dev@openssl.org Cc: "Jitendra Lulla" <lull...@yahoo.com> Date: Tuesda

Re: [openssl-dev] frequency and size of heartbeat requests

On Tue, 5 Dec 2017 19:14:41 + (UTC) Jitendra Lulla via openssl-dev wrote: > Could the solution be a restricted count of HB requests along with a > timer? No, the solution is to disable TLS heartbeats. I actually wanted to bring this up when I recently noticed that

Re: [openssl-dev] frequency and size of heartbeat requests

The purpose of the HEARTBEAT message is for DTLS applications to determine the maximum packet size and tune the application records accordingly. There is never any reason to use this in TCP-based TLS; that was an OpenSSL bug that enabled it there. The usefulness of HEARTBEAT even in DTLS is