Difference between revisions of "VPP/HostStack/TLS"
From fd.io
Florin.coras (Talk | contribs) |
Line 1: | Line 1: | ||
== TLS App == | == TLS App == | ||
− | TLS service is offered by the stack to other client applications via a custom builtin application. The TLS application implements a special transport type that allows it to behave as an application, from the underlying TCP transport perspective, but also as a transport, from the client application perspective. The app does not directly implement the TLS protocol, i.e., the record layer, handshaking protocols and the cryptographic computations and suites [1], instead it relies on the mbedtls library [2]. | + | TLS service is offered by the stack to other client applications via a custom builtin application. The TLS application implements a special transport type that allows it to behave as an application, from the underlying TCP transport perspective, but also as a transport, from the client application perspective. The app does not directly implement the TLS protocol, i.e., the record layer, handshaking protocols and the cryptographic computations and suites [1], instead it relies on the mbedtls library [2]. A high level view of the architecture can be seen lower |
+ | |||
+ | [[File:TLS App Architecture.png|thumb|TLS App Architecture]] | ||
== References == | == References == |
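Review bot: the sentence appended to the TLS App paragraph, "A high level view of the architecture can be seen lower", has no terminal period, and "lower" reads awkwardly as a pointer to the figure. Because the image is added with the thumb option, which floats it beside the text rather than placing it strictly underneath, refer to it by its caption instead of by position, for example: "A high-level view is shown in the TLS App Architecture figure."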
Revision as of 06:15, 7 March 2018
TLS App
The stack offers TLS service to other client applications via a custom built-in application. The TLS application implements a special transport type that allows it to behave as an application from the perspective of the underlying TCP transport, but also as a transport from the perspective of the client application. The app does not directly implement the TLS protocol, i.e., the record layer, handshaking protocols and the cryptographic computations and suites [1]; instead, it relies on the mbedtls library [2]. A high-level view of the architecture is shown below.
References
[1] RFC5246 The Transport Layer Security (TLS) Protocol Version 1.2
[2] mbedtls library