On 03/20/2014 01:31 AM, Matthew Hall wrote:
Is there an existing method for determining valid PMTU from inside of Java? If
not then supplying correct segment size to whatever DTLSEngine (or however
it's named) class would be non-trivial and could require native code.
If there is not such support, then a separate spec would be needed to add that
support, before it would be possible to get the new DTLS support to work very
reliably.
I don't think it's wise to rely on PMTU for UDP. It's not going to work
reliably over the Internet. Extensive kernel support only exists on
Linux (and people argue that it's against the RFC). The BSD sockets API
cannot properly report ICMP errors even if the network generates.
Is this really required for DTLS?
--
Florian Weimer / Red Hat Product Security Team
