Re: Ada for the TLS/SSL problem?

[Peter Brooks <peter.h.m.brooks@gmail.com>]

On Wednesday, 16 March 2016 19:05:09 UTC+2, Dmitry A. Kazakov  wrote:
> On 2016-03-16 13:09, Peter Brooks wrote:
> 
> > My feeling is that we'd need a general, configurable, security
> > layer.  This can be proved to work by implementing TLS.
> 
> Well from my POV the idea of a layer as known in SSL/TLS is a 
> non-starter. It is broken per design because it cannot provide 
> reasonable QoS, short latency required for automation and control 
> applications.
> 
> The basic requirement is that encryption and signing may not coalesce 
> transport packets. Ideally it should work on the packet level with 
> packets of any length. I understand that this would impose difficult 
> problems but otherwise it would be unusable outside lousy web applications.
>
SSL, and TLS are defined at level 6 of the OSI model. See: https://en.wikipedia.org/w/index.php?title=OSI_model&action=submit
> 
> It is OK to implement TLS as-is, nobody would object that. But something 
> better must be really better.
> 
Undoubtably!