Hello, If somebody is using Kamailio in a larger environment with TLS, this new technical analysis and performance report from haproxy could be interesting: https://www.haproxy.com/blog/state-of-ssl-stacks
The bottom-line - OpenSSL 3.0 will show serious performance regressions for larger TLS services with higher performance requirements. OpenSSL 3.1 and newer versions are a bit better, but still much slower in key operations. You should consider using the tls_wolfssl module or stay on OpenSSL 1.1.1. For the medium- to long-term we probably should observe how other OpenSSL libraries are developing and act accordingly for the tls modules. The haproxy project recommends besides using wolfssl also the aws-lc library. The situation regarding OpenSSL 3.x seems to be not easily fixable, as these regressions are caused from internal design decisions. Cheers, Henning -- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://gilawa.com<https://gilawa.com/>
_______________________________________________ Kamailio - Development Mailing List -- sr-dev@lists.kamailio.org To unsubscribe send an email to sr-dev-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender!
