TODO.txt 921 Bytes
Newer Older
powelld's avatar
powelld committed
Essential
- Someone who understands the wire format can explain why the client-mbox capture contains additional data
- Fix the captures so they aren't corrupt (probably by terminating tcpdump properly)
- Find another way of "stepping out" of encryption other than asking the middlebox to modify a record?
or
- if we can't do that, fix the bug that prevents the middlebox from modifying stuff; keeping the message length constant results in MAC integrity fail warning, but transaction continues. Changing length results in fatal failure.

Nice to have
- Do the timing in a less monkey way than done here
- Think of a better or more powerful demonstration of this part of the story?
- Timings here show re-encrpytion is slower, but not by much. Difference in time could be dominated by calling script. Also could be diluted by the fact both are constantly writing to disk (have a "no-writing-to-disk" option in all three?)