Re: [Bug-wget] TLS1.3 via GnuTLS

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] TLS1.3 via GnuTLS

From:	Loganaden Velvindron
Subject:	Re: [Bug-wget] TLS1.3 via GnuTLS
Date:	Mon, 16 Jul 2018 18:41:23 +0400

On Mon, Jul 16, 2018 at 6:37 PM, Tim Rühsen <address@hidden> wrote:
> FYI
>
> GnuTLS 3.6.3 has been released today with TLS1.3 support (latest draft).
>
> So if you rebuild/link wget or wget2 with the new GnuTLS version, you
> can enable TLS1.3 via --ciphers="NORMAL:+VERS-TLS1.3"  (wget) resp.
> --gnutls-options="NORMAL:+VERS-TLS1.3" (wget2).
>
> Wget2 seems to get a 0RTT with --tls-resume on www.google.com.
> I have a ping of 11.5ms and regarding the debug output of wget2, it
> takes 13ms to load all 133 certificates from the local store (to load
> all certs is flaw in GnuTLS that I brought up there some years ago, but
> no solution yet).
>
> $time src/wget2_noinstall -d --gnutls-options="NORMAL:+VERS-TLS1.3"
> --tls-resume https://www.google.com
> ...
>

Thanks Tim. I'm sending a patch to the mailing list in a few minutes.

> real    0m0,027s
>
> That is 14ms left for creating the connection, sending the request and
> getting the response on a 11.5ms RTT. The 2.5ms are overhead due to
> initializing wget2, printing all the debug messages and saving the file.
>
> Oh, I forgot to say, TCP Fast Open is enabled by default and it is for a
> 'warm' connection.
>
> Happy testing.
>
> Regards, Tim
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] TLS1.3 via GnuTLS, Tim Rühsen, 2018/07/16
- Re: [Bug-wget] TLS1.3 via GnuTLS, Loganaden Velvindron <=
- Re: [Bug-wget] TLS1.3 via GnuTLS, Gisle Vanem, 2018/07/16

Prev by Date: [Bug-wget] TLS1.3 via GnuTLS
Next by Date: [Bug-wget] TLS1.3 via GnuTLS patch
Previous by thread: [Bug-wget] TLS1.3 via GnuTLS
Next by thread: Re: [Bug-wget] TLS1.3 via GnuTLS
Index(es):
- Date
- Thread