trafficserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sudheerv <...@git.apache.org>
Subject [GitHub] trafficserver pull request: TS-3746: Make proxy.config.ssl.client....
Date Sun, 19 Jul 2015 00:52:54 GMT
Github user sudheerv commented on the pull request:

    https://github.com/apache/trafficserver/pull/254#issuecomment-122609479
  
    Agree with @ushachar - 
    
    Transaction and Session/connection are not interchangeable (at least, not how I see it).
Keep-Alive is a *transaction* level property (see more below), whereas, server validation
is a *session* level property.
    
    Keep-Alive is allowed to be overridden in ATS, as it is a *HTTP* level property, which
is defined/meant-to-be-used per transaction and the corresponding status (via *Connection*
HTTP header) exchanged even in every transaction (consequently, it makes perfect sense to
be associated per transaction).
    
    OTOH, server cert verification is not a *HTTP* level property, it is a TLS layer property
and is applied at a session/connection level and should (can) not clearly be overridden per
remap or even within a plugin per transaction.
    
    I'm fine to let that override per origin connection, which obviously requires maintaining
separate sessions (verified vs non-verified) if server session sharing is to be supported.
To that extent, even if session sharing is not supported to allow to let this feature be overridden
per transaction, it still can not be allowed to be overridden per transaction (otherwise,
how's that going to work with multiplexed transactions in a given session, if each Txn (in
the same session) wants something different)?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message