Open Bug 1827970 Opened 3 years ago Updated 2 years ago

[meta] libssl should avoid creating CERTCertificates before they are needed

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: jschanck, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: meta, Whiteboard: [nss-fx])

John Schanck [:jschanck]

Reporter

Description

•

3 years ago

A significant percentage of TLS handshake time is spent instantiating CERTCertificates that are not used by PSM. To the extent that it is possible, structures in libssl should store DER encoded certificate data instead of CERTCertificates. Routines that require a CERTCertificate should be modified to instantiate one on the fly.

Benjamin Beurdouche [:beurdouche]

Updated

•

2 years ago

Severity: -- → S4

John Schanck [:jschanck]

Reporter

Updated

•

2 years ago

Severity: S4 → N/A

Summary: libssl should avoid creating CERTCertificates before they are needed → [meta] libssl should avoid creating CERTCertificates before they are needed

BugBot (nomail) [:suhaib / :marco/ :calixte]

Updated

•

2 years ago

Keywords: meta

John Schanck [:jschanck]

Reporter

Updated

•

2 years ago

Depends on: 1890618

John Schanck [:jschanck]

Reporter

Updated

•

2 years ago

Updated

•

2 years ago

Depends on: 1892872

John Schanck [:jschanck]

Reporter

Updated

•

2 years ago

Depends on: 1893334

John Schanck [:jschanck]

Reporter

Updated

•

2 years ago

No longer depends on: 1893334

You need to log in before you can comment on or make changes to this bug.

Bugzilla

[meta] libssl should avoid creating CERTCertificates before they are needed

Categories

(NSS :: Libraries, enhancement, P3)

Tracking

(Not tracked)

People

(Reporter: jschanck, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: meta, Whiteboard: [nss-fx])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated

Updated

Updated

Updated