Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #58866

Re: OT: How to tell an HTTP client to limit parallel connections?

From Grant Edwards <invalid@invalid.invalid>
Newsgroups comp.lang.python
Subject Re: OT: How to tell an HTTP client to limit parallel connections?
Date 2013-11-08 21:14 +0000
Organization PANIX Public Access Internet and UNIX, NYC
Message-ID <l5jk84$23$3@reader1.panix.com> (permalink)
References (1 earlier) <mailman.2240.1383934618.18130.python-list@python.org> <l5jdi5$er3$1@reader1.panix.com> <mailman.2245.1383940002.18130.python-list@python.org> <l5jinm$i7g$1@reader1.panix.com> <mailman.2256.1383944501.18130.python-list@python.org>

Show all headers | View raw

On 2013-11-08, Chris Angelico <rosuav@gmail.com> wrote:
> On Sat, Nov 9, 2013 at 7:48 AM, Grant Edwards <invalid@invalid.invalid> wrote:
>> All I have control over is the server. I have no influence over the
>> client side of things other than what I can do in the HTTP server.
>
> Hmm. Then the only way I can think of is a reverse proxy that can
> queue, handle security, or whatever else is necessary. Good luck. It's
> not going to be easy, I think. In fact, easiest is probably going to
> be beefing up the hardware.
>
> Oooh.... crazy thought just struck me. What's your source of entropy?
> Is it actually the mathematical overhead of cryptography that's taking
> 2-3 seconds,

Yes.  AFAICT, it is.  Some of the key-exchange options are pretty
taxing.  I can speed things up by about a factor of 4 by disabling the
key-exchange algorithms that have the highest overhead, but those are
the algorithms that the SSL clients seem to prefer.  I'm reluctant to
force them further down their preference list, lest I end up not being
able to support some clients.

> or are your connections blocking for lack of entropy?

Nope. The cyrpto libraries we're using don't do that.  I'm not
entirely happy with the entropy generation used.  I wish I had more
sources of "real" randomness, but at least they don't block.

> You might be able to add another source of random bits, or possibly
> reduce security a bit by allowing less-secure randomness from
> /dev/urandom.

It's not Unix-like OS, but that's more or less what's happening.

-- 
Grant Edwards               grant.b.edwards        Yow! I'm sitting on my
                                  at               SPEED QUEEN ... To me,
                              gmail.com            it's ENJOYABLE ... I'm WARM
                                                   ... I'm VIBRATORY ...

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 17:25 +0000
  Re: OT: How to tell an HTTP client to limit parallel connections? donarb <donarb@nwlink.com> - 2013-11-08 09:39 -0800
  Re: OT: How to tell an HTTP client to limit parallel connections? Skip Montanaro <skip@pobox.com> - 2013-11-08 11:39 -0600
    Re: OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 18:01 +0000
  Re: OT: How to tell an HTTP client to limit parallel connections? Chris Angelico <rosuav@gmail.com> - 2013-11-09 05:16 +1100
    Re: OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 19:20 +0000
      Re: OT: How to tell an HTTP client to limit parallel connections? Chris Angelico <rosuav@gmail.com> - 2013-11-09 06:39 +1100
        Re: OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 20:48 +0000
          Re: OT: How to tell an HTTP client to limit parallel connections? Chris Angelico <rosuav@gmail.com> - 2013-11-09 08:01 +1100
            Re: OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 21:14 +0000
              Re: OT: How to tell an HTTP client to limit parallel connections? Chris Angelico <rosuav@gmail.com> - 2013-11-09 08:29 +1100
  RE: How to tell an HTTP client to limit parallel connections? Nick Cash <nick.cash@npcinternational.com> - 2013-11-08 19:42 +0000
    Re: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 21:02 +0000
  Re: OT: How to tell an HTTP client to limit parallel connections? Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-08 13:13 -0700
    Re: OT: How to tell an HTTP client to limit parallel connections? Grant Edwards <invalid@invalid.invalid> - 2013-11-08 21:05 +0000

csiph-web