Path: csiph.com!news.swapon.de!eternal-september.org!feeder.eternal-september.org!mx02.eternal-september.org!.POSTED!not-for-mail From: Paul Rubin Newsgroups: comp.lang.python Subject: Re: OT: limit number of connections from browser to my server? Date: Mon, 16 May 2016 13:41:38 -0700 Organization: A noiseless patient Spider Lines: 14 Message-ID: <87a8jpohvh.fsf@jester.gateway.pace.com> References: Mime-Version: 1.0 Content-Type: text/plain Injection-Info: mx02.eternal-september.org; posting-host="589dd00be5ee573d7046ed589be3c50c"; logging-data="3408"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19cGBSeXYse3q/7vjlx5p1K" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) Cancel-Lock: sha1:Iu5fsswnR1NVP4t9V7vS17eM+qg= sha1:ZNIe3p4GqBrEpCKwXah0QG0Sk3s= Xref: csiph.com comp.lang.python:108697 Grant Edwards writes: > I've actually got plenty of RAM. I just can't afford the CPU time it > takes to do the public-key crypto stuff that happens each time an SSL > connection starts up. I think you should only have to do that once, then use TLS session resumption for additional connections. There is also something called TLS-PSK in TLS 1.3. Do you mind saying the application, and what clients you have to support? What TLS stack are you using? There is generally also a way to configure browsers to limit the number of outgoing connections. I'll probably be meeting with some TLS experts tomorrow night for unrelated reasons, so I can ask them about this if you want.