Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for HTTP/TLS/TCP #27

Open
mnm364 opened this issue Jan 28, 2021 · 4 comments
Open

Support for HTTP/TLS/TCP #27

mnm364 opened this issue Jan 28, 2021 · 4 comments

Comments

@mnm364
Copy link

mnm364 commented Jan 28, 2021
edited

Hey Maintainers!

Generally inquiring if there is a timeline/roadmap to support the HTTP/TLS/TCP components of the Golden Gate stack that are referenced in the documentation but not yet implemented? Furthermore, if you can comment, is this something that is slated to be externalized or would this project benefit from net-new contributions to those parts of the stack? Please advise.

Thanks!
@mnm364 mnm364 changed the title Support for HTTP/TLS/TCP Stack Support for HTTP/TLS/TCP Jan 28, 2021
@barbibulle
Copy link
Contributor

We do have some work-in-progress branch for adding TCP sockets and TLS support for those sockets. Not sure yet exactly when those would be stable enough to share. I'll take a look. As far as HTTP, we haven't started that. I is likely that we'd want to just have socket-api adapters for an existing HTTP client library, because there are a bunch of good ones out there that would work well with the rest of the library. The key element for a choice would be to use one that uses an async/non-blocking parsing model, because that's what would work the best with the rest of the framework. If you know of good candidate HTTP libraries that work that way, I'd love to take a deeper look.

@mnm364
Copy link
Author

mnm364 commented Jan 28, 2021
edited

Thanks for that information and context. I really appreciate your fast responses. Could you point to the branch in question? I took a look at those listed but none of them pop out as obvious candidates.

Also, if I may ask a follow-up.. in general what inspires the need to re-implement these protocols (HTTP, TLS) when we can take advantage of the implementations already included in respective platforms (iOS, Android)? Is this merely for cross-platform considerations or is there some performance consideration with being able to control the network stack in a more fine-grained manner?

@nilstk
Copy link

nilstk commented May 5, 2021

Just in case usual TLS/SSL is still open (I'm still reading the docu), I'd would be in favor of it as well.

@mnm364 I don't know their reasons, but I'm seeking an additional security layer, because Bluetooth is cracked. If you look for the KNOB attack in the scientific community, you will find information that the session key can be reduced to 1 byte (classic) and 7 bytes (LE) just by an attacker requesting it. That renders BT's encryption pretty much useless and we are required to add an additional encryption layer.

@nilstk
Copy link

nilstk commented Jun 10, 2021

@barbibulle is it possible to get access to your TCP/TLS solution with socket-api adapters maybe? Do you plan to release it any time soon?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@barbibulle @nilstk @mnm364