Just an interesting observation I had about this once when I noticed that kernel quic implementations weren't very fast.
KTLS is mostly useful if paired with sendfile (I'm ignoring io_uring because I'm not as up to date on that). Otherwise you have to context switch back to userspace constantly.
Assuming the files are encrypted anyway for DRM reasons: why should static content like movies be TLSed? I know I know, "TLS all the things", but it sounds like a high cost at Netflix scale.
It seems like it took engineering work, but TLS isn't their bottleneck when the data flow is structured correctly for the hardware (which is kind of the thesis of a lot of the Netflix CDN node optimization stuff).
I refused to connect my TV to the internet and use a Vero V for all of my watching needs. The Vero V is absolutely worse than most other experiences, but I'm happy.
To prevent a browser mixed content warning maybe (I didn't attend the presentation). Apparently 15% of Netflix viewing happens in browsers.
Inside an Apple TV app, the default requires TLS 1.2 or later and while exceptions are apparently allowed (including for media streaming) they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin...
Just an interesting observation I had about this once when I noticed that kernel quic implementations weren't very fast.
KTLS is mostly useful if paired with sendfile (I'm ignoring io_uring because I'm not as up to date on that). Otherwise you have to context switch back to userspace constantly.
Assuming the files are encrypted anyway for DRM reasons: why should static content like movies be TLSed? I know I know, "TLS all the things", but it sounds like a high cost at Netflix scale.
It seems like it took engineering work, but TLS isn't their bottleneck when the data flow is structured correctly for the hardware (which is kind of the thesis of a lot of the Netflix CDN node optimization stuff).
Stops Comcast from seeing the metadata and knowing exactly what their mutual customers are streaming.
wait till you hear about what smart tvs do..
I refused to connect my TV to the internet and use a Vero V for all of my watching needs. The Vero V is absolutely worse than most other experiences, but I'm happy.
To prevent a browser mixed content warning maybe (I didn't attend the presentation). Apparently 15% of Netflix viewing happens in browsers.
Inside an Apple TV app, the default requires TLS 1.2 or later and while exceptions are apparently allowed (including for media streaming) they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin...
Nice seeing BSD s getting some use.