kmip-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Fw: [kmip-comment] One TLS record per message?
- From: Mathias Bjoerkqvist1 <MBJ@zurich.ibm.com>
- To: kmip-comment@lists.oasis-open.org
- Date: Tue, 15 Nov 2011 17:51:10 +0100
Adding a copy to the KMIP comment list
for anyone else interested.
Best Regards,
Mathias
----- Forwarded by Mathias
Bjoerkqvist1/Zurich/IBM on 15.11.2011 17:49 -----
Mathias Bjoerkqvist1/Zurich/IBM wrote on 15.11.2011
11:17:09:
>
> > ----- Original Message -----
> > From: Jim Flood [mailto:jim.flood@townsendsecurity.com]
> > Sent: Monday, November 14, 2011 01:55 PM
> > To: kmip-comment@lists.oasis-open.org <kmip-comment@lists.oasis-open.org>
> > Subject: [kmip-comment] One TLS record per message?
> >
> > Hello,
> >
> > Is a single Request Message and/or a Response Message carried
in a
> > single TLS record, with its limit of 16K? Or is it possible
for a
> > single message to span multiple TLS records?
> >
> > In other words, can the server expect the entire Request Message
to fit
> > in a 16K buffer, and would the client expect the same of the
Response
> > Message, regardless of the number of batch items or the amount
of data
> > that would otherwise be returned?
> >
> > Jim Flood
> > Townsend Security
> >
> Hi Jim,
>
> KMIP treats the TLS layer as a logical byte stream. A TLS compliant
> implementation can select any record size it
wants from 1 byte up to the
> maximum record size. While a client can set the
Maximum Response Size field
> in a request, thereby limiting the size of the
message the server can
> send back, any assumptions made by an implementation
that a single KMIP
> TTLV message can fit within a TLS record are
invalid.
>
> If you are already working on, or planning to start working on a KMIP
> implementation, you might be interested to know
that we have an
> active interoperability-focused subgroup of KMIP.
The knowledge and
> experience gained and shared there have been
very helpful to folks starting
> out with the protocol. If you want to know more,
just drop me a mail and
> I'll send you some more information.
>
> Best Regards,
> Mathias Björkqvist
>
> PS Thanks Tim for the TLS details
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]