TLS session reuse
duijf opened this issue · comments
From looking at OpenSSL output, vaultenv doesn't currently seem to re-use TLS sessions. Doing this would be a performance improvement, especially on the server side. (Go TLS is quite slow golang/go#20058)
The underlying tls
package has a concept of a SessionManager
exactly for this:
https://hackage.haskell.org/package/tls-session-manager
https://hackage.haskell.org/package/tls-1.4.0/docs/Network-TLS.html#t:SessionManager
I opened an issue on the connection
package because the docs were a bit confusing.
I think we should experiment with the tls-session-manager
package to see if we can get it to work.
There has been no progress on vincenthz/hs-connection#32 for a long time. If we want this, perhaps we should look into binding libcurl instead.