On Fri, Jun 28, 2013 at 1:23 PM, Michael Thomas <m...@mtcc.com> wrote:
> On 06/28/2013 01:16 PM, Josh Hoppes wrote:
>
>> My first question is, how are they going to keep themselves from
>> congesting links?
>
> The FAQ claims they're paying attention to that, but I haven't read the
> details. I sure hope they grok that not understanding Van Jacobson dooms
> you to repeat it.

Van is at Google. Much grokking is going on.

-Scott

> https://docs.google.com/document/d/1lmL9EF6qKrk7gbazY8bIdvq3Pno2Xj_l_YShP40GLQE/preview?sle=true#heading=h.h3jsxme7rovm
>
> Mike
>
>> On Fri, Jun 28, 2013 at 3:09 PM, Michael Thomas <m...@mtcc.com> wrote:
>>
>>> http://arstechnica.com/information-technology/2013/06/google-making-the-web-faster-with-protocol-that-reduces-round-trips/?comments=1
>>>
>>> Sorry if this is a little more on the dev side, and less on the ops
>>> side but since it's Google, it will almost certainly affect the ops
>>> side eventually.
>>>
>>> My first reaction to this was why not SCTP, but apparently they think
>>> that middle boxen/firewalls make it problematic. That may be, but UDP
>>> based port filtering is probably not far behind on the flaky front.
>>>
>>> The second justification was TLS layering inefficiencies. That
>>> definitely has my sympathies as TLS (especially cert exchange) is
>>> bloated and the way that it was grafted onto TCP wasn't exactly the
>>> most elegant. Interestingly enough, their main justification wasn't a
>>> security concern so much as "helpful" middle boxen getting their
>>> filthy mitts on the traffic and screwing it up.
>>>
>>> The last thing that occurs to me reading their FAQ is that they are
>>> seemingly trying to send data with 0 round trips. That is, SYN, data,
>>> data, data... That really makes me wonder about security/dos
>>> considerations. As in, it sounds too good to be true. But maybe that's
>>> just the security cruft? But what about SYN cookies/dos? Hmmm.
>>>
>>> Other comments or clue?
>>>
>>> Mike