On 06/18/2016 12:19 PM, Dan Purgert wrote: > Pascal Hambourg wrote: >> Le 17/06/2016 21:52, Jochen Spieker a écrit : >>> Pascal Hambourg: >>>> >>>> Hmm. I don't know how SSL works, but HTTPS runs on top of TCP so I doubt >>>> that it cares about IP packet size. The task of splitting the TCP payload >>>> stream into IP packets is done by the TCP layer. >>> >>> Sure, but if your encryption scheme wastes payload in yout packets you >>> have more overhead for TCP/IP headers in each packet. >> >> Why would encryption increase the payload size ? >> Disk encryption with dm-crypt does not (except for the LUKS header). > > Because most encryption schemes use a standard blocksize (let's say 64 > bytes), and those 'encrypted blocks' do not fit well into the max > payload size of a packet. > > More packets = more overhead. > >
Interesting factoid. I'd suspected as much but to read it said affirmatively... Thanks. - Leon
