Made a quick server toy that just prints out UwU to anyone connecting, to show the 600ms delay
https://github.com/pinkforest/tls_neg_loiter
- add loiter.rustcryp.to into your hosts for your 127.0.0.1 loopback
- cd certs;make rsa4096
- cd ..; cargo run (to run the mock server)
- openssl s_client -crlf -servername loiter.rustcryp.to -CAfile certs/ca.rsa4096.crt 127.0.0.1:828 (shows delay after CONNECTED)
- connect with Firefox with network console and also see (server doesn't multiplex so ensure you close the openssl before)

This only happens with issues signed with RSA, but it doesn't happen with prime256v1 etc.; these only have 1-3 ms latency
Also doesn't happen with aws-lc-rs with either rsa4096 / prime256v1
Probably good idea to bump RSA...