New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MPTCP and KTLS support #480
Comments
FYI: lighttpd 1.4.68 (released Jan 2023) supports KTLS in lighttpd mod_openssl and lighttpd mod_gnutls |
@gstrauss Thank you, I got the wrong version, I just updated the description to reflect that! |
@gstrauss if you don't mind me asking here, regarding KTLS and lighttpd, what's the main reason to support it? From what I read on your wiki, when the encryption is done by the kernel in software ( This would help us to prioritise this task. The harder bit for us might be to get compatible HW. |
There are numerous reasons to support kTLS, though I won't try to enumerate them all here. As you noted, one is hardware encryption offload with supporting hardware. On the other hand, for simple hardware and embedded systems, being able to |
@gstrauss thank you for your reply!
I didn't know OpenSSL was using zero-copy + TLS, good to know this is used by well known libs. |
For more details: See OpenSSL |
Thank you for the refs! |
Currently, an MPTCP socket cannot support other TCP ULP extensions. This includes KTLS.
KTLS is supported in GnuTLS and OpenSSL libraries. It is then tempting to use it without too much of an effort, e.g. lighttpd is using KTLS with OpenSSL and GnuTLS if available since January 2023.
It might be good to see if KTLS and MPTCP subflows hooks can be chained somehow.
The text was updated successfully, but these errors were encountered: