On 15/11/2016 09:20, "TLS on behalf of Martin Thomson" <tls-boun...@ietf.org on behalf of martin.thom...@gmail.com> wrote: >This means that you can guarantee privacy, but it forces >the server to do an exhaustive search of all of its active connections >(that is, O(N)) when it gets a 5-tuple mismatch.
I don't think I follow. You'd use CID as primary key to index your security contexts. So, regardless your 5-tuple matches or not you'd do your O(1) lookup in the CID table and find the associated security context. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls