[security-dev 00053]: Re: DTLS design

Christian Uebber briefkasten at uebber.de
Sun Jan 27 06:29:44 PST 2008


On 27.01.2008 at 11:54, Florian Weimer wrote:

> * Christian Uebber:
>
>> TLS over TCP could attach session information to created sockets in a
>> 1:1 relationship.
>
> There's a separate class for non-TCP (but TCP-like) TLS called
> SSLEngine.  Perhaps you can expose a similar class for DTLS?  This way,
> your implementation would not be tied to UDP.
>

SSLEngine is very interesting. It would be nice to have something
similar or an extended version for packet-oriented data. My initial
plan was finishing the work on the possibly simpler blocking parts and  
then to continue towards the nio-classes. But I may also go for a nio  
centered approach from the beginning and build the TLSDatagramSocket  
on top of that.


