-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: 8
-
Component/s: security-libs
-
None
-
Cause Known
noticed while reviewing JDK-8334670
We currently flush the SSLSocketOutputRecord (via hc.handshakeOutput.flush) after every handshake message. Flushing adds unnecessary overhead: record header, padding, MAC. If TCP_NODELAY is not enabled, it may additionally delay the transmission of subsequent messages.
We should only flush when necessary. Examples of places where flushing is necessary include: after Finished message, after ClientHello, after TLS 1.3 ServerHello / HelloRetryRequest, after TLS 1.2 ServerHelloDone. On the other hand, flushing is not necessary between Certificate and CertificateVerify, for example.
We currently flush the SSLSocketOutputRecord (via hc.handshakeOutput.flush) after every handshake message. Flushing adds unnecessary overhead: record header, padding, MAC. If TCP_NODELAY is not enabled, it may additionally delay the transmission of subsequent messages.
We should only flush when necessary. Examples of places where flushing is necessary include: after Finished message, after ClientHello, after TLS 1.3 ServerHello / HelloRetryRequest, after TLS 1.2 ServerHelloDone. On the other hand, flushing is not necessary between Certificate and CertificateVerify, for example.
- is blocked by
-
-
- Resolved
-