Wednesday, January 19, 2011

Does HTTPS use TCP or UDP?

Does HTTPS use TCP or UDP?

From serverfault Steven

  • It uses TCP. It would be difficult to run it on UDP without the guarantee of packets arriving. If the packets don't arrive, the encrypted data will not be decipherable.

    janneb : Or if the packets arrive out of order, as UDP contains no provisions for reordering packets like TCP.
    Graeme Donaldson : Not going to -1 you because it'd be a little pedantic, but its worth noting that there's no reason it couldn't be run over UDP. It may be atypical, but it is possible.
    From sybreon

  • For the next time, if you wonder if a default port service run on tcp or udp, you can look at /etc/services on a linux machine.

    Graeme Donaldson : Or a Windows machine, in a command prompt: `find "https" %windir%\system32\drivers\etc\services`
    Peter Eisentraut : My /etc/services also lists 80/udp. Actually, many services have allocated both ports, "just in case" I guess.
    From Deimosfr

  • The OSI model allows higher layer protocols to run over any underlying protocol providing the correct services. HTTPS is HTTP using SSL/TLS security. SSL/TLS typically runs on top of TCP, but there is nothing to stop you from running it on UDP, SCTP or any other transport layer protocol.

    As a matter of fact HTTPS over TCP and UDP are both defined as "well known" by IANA and have reserved port numbers.

    See http://www.iana.org/assignments/port-numbers for the "official" ports/protocol combinations.

    pehrs : See for example http://tools.ietf.org/html/rfc4347 (Datagram Transport Layer Security) for how SSL/TLS can run over UDP.
    From pehrs

  • HTTPS can run over any reliable stream transport protocol. Normally that's TCP, but it could also be SCTP. It is NOT expected to run over UDP, which is an unreliable datagram protocol (in fact, while that's not its official name, that's a good way to remember what it is).

    The IANA assignment for UDP is historical; at the time, nearly every protocol was assigned both the TCP and UDP port numbers, even if it was expected that it would only ever use one. There has been discussion of merging the port number registries, and only ever assigning one port to one protocol from here on. That is to make it easier to deploy future transport protocols that would otherwise need their own registries. I'm not aware of how that discussion concluded.

    Nasko : Most SSL implementations expose it as SSL socket, so it implies TCP. There are very rare occurrences of using any other transport.
    From Andrew McGregor
Posted by Mu Cat at 6:16 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)