Consider datagram networking (UDP) #75

Open
jethrogb opened this issue Jan 25, 2019 · 4 comments

@jethrogb
Member

commented Jan 25, 2019

Currently, the Fortanix SGX ABI only supports stream networking. This is sufficient for most use cases. No decision has been made whether to add datagram networking in the future or not. Some things to consider:

  • What part of the BSD sockets API is necessary to support datagram networking? How does the Fortanix SGX ABI need to be expanded?
  • Does datagram networking have a big enough role to play in microservices/distributed systems?
  • Are there sufficient options to securely use datagram networking (DTLS?)?
  • Is the added complexity worth it?
  • Can it be implemented instead as a userspace service that is accessed via a stream?
@briansmith

commented Jan 26, 2019

  • Does datagram networking have a big enough role to play in microservices/distributed systems?

Yes, soon, because of HTTP/3, which is based on QUIC, which is UDP-based.

  • Are there sufficient options to securely use datagram networking (DTLS?)?

Yes, soon, via QUIC, which is similar to DTLS.

@jethrogb

Member Author

commented Jan 26, 2019

@briansmith Thanks, that does sound like a compelling reason.

@jethrogb

Member Author

commented Jan 26, 2019

Actually, reading some more, QUIC just provides a byte stream abstraction. So while it may use UDP to do the underlying communication, streams still seem like the appropriate abstraction to expose to the application. I think all the QUIC handling could and should be done outside the enclave.

@jethrogb

Member Author

commented Jan 27, 2019

I did some more reading and my previous comment is not correct. Still, I don't think all of QUIC should be handled in the enclave. I'll come back to this later.
