RPGWatch Forums - View Single Post - This week in computer security
View Single Post


April 13th, 2014, 18:32
Thanks for the link. Didn't realize Seggelmann authored the spec too so I will blame him after all. You win.

I still don't see the point of arbitrary content in this spec? In TLS over UDP you do not have TCP heartbeats available so an inbuilt heartbeat in the protocol is ok to me but why can I request messages of 16K bytes from the server? TCP heartbeats have a data length of one byte to my recollection because routers can optimize out the packet if its payload data is zero length. It seems to want to use the heartbeat as an MTU probe as well which IMNSHO should be something more appropriate and closer to how TCP connections are supposed to work and negotiated upfront or part of the application. But then again I'm in industrial automation space and use heartbeats for liveliness checks not for path discovery. The next is that it is available to TCP connections and really has no place there.[/RANT]
figment is offline


figment's Avatar
Keeper of the Watch
Original Sin 1 & 2 Donor


Join Date: Apr 2010
Posts: 667
Mentioned: 0 Post(s)