On 11/18/2014 10:46 AM, Nico Williams wrote: >> AFAICT that would require the specification of a new API over TCP; >> > otherwise, you have to translate TLS's expectation of a reliable, >> > byte-ordered stream into what TCP provides within TCP (which is neither). > > Not in the design I gave, which could be implemented using entirely > private interfaces, with TLS session state exported via socket options.
I'm speaking of the private interface. Yes, it could be implementation-specific, but if you are intending to define a complete spec for using SSL over raw TCP segments you first have to explain what you expect from raw TCP segments. Joe _______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc