Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/tls: cache TLS (client) cert validation? #8580
I'm seeing not-great TLS performance; enabling the ClientSessionCache seems to help. But it looks like even when resuming a session, we still call processCertsFromClient, and do an (expensive) validation of the client cert chain. Two ideas/questions: 1) Do we really need to re-validate the client cert on resume (haven't we already validated it on first-connect)? Can the client switch certs on us? 2) Is it possible to avoid any of this work using a cache? processCertsFromClient looks very cacheable to my untrained eye. I'm thinking something similar to ClientSessionCache in tls.Config. I guess I could turn off client-cert validation by the tls package, and implement my own cache. It would sure be nice if this was out-of-the-box though! Session resumption makes this less important, but I don't see why we wouldn't also cache validation of server certs.
Comment 1 by firstname.lastname@example.org:
An update/clarification: The expensive bit of the cert-chain validation seems to be the EC computations (my code spends 50% of CPU time in crypto/elliptic.p256ReduceDegree). I suggest a good approach might be to memoize the crypto computations (which never change). So we wouldn't worry about caching usage verifications or expiration times, and would rely on the standard caching of e.g. CRLs. I believe those checks are comparatively cheap, and much harder to cache correctly.