On Tue, Jun 7, 2011 at 8:05 PM, Randy Fischer <randy.fisc...@gmail.com> wrote: > On Tue, Jun 7, 2011 at 7:09 PM, Nico Williams <n...@cryptonector.com> wrote: >> Or am I missing something? > > Well, last I tried it under apache, at least, there was a hard limit > on the length of > a TLS stream. Since I use HTTP for a storage system for multi-GB files, I'd > really love to see alternatives.
Really? But if it'd have to be pretty short for the cost of the subsequent TLS session resumption to add up to so much latency and compute cost that you'd want to avoid using TLS. Also, that sounds like a fixable bug. If you can implement this MAC proposal, you can fix that bug. Nico -- _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
