What is the smallest possible http and https data request

前端 未结 3 1433
伪装坚强ぢ
伪装坚强ぢ 2021-02-19 19:05

Lets say I want to GET one byte from a server using the http protocol and I want to minimize everything, no headers just http://myserver.com/b where b is a text file with one ch

3条回答
  •  挽巷
    挽巷 (楼主)
    2021-02-19 19:50

    It is an old question, but maybe someone found it useful, because nobody has answered the HTTPS part of the question.

    For me this was needed for an easy validation of HTTPS communication in my proxy, which connects untrustable other proxies through tunnel.

    This site explains it clearly: http://netsekure.org/2010/03/tls-overhead/

    Quotes from the article:

    One thing to keep in mind that will influence the calculation is the variable size of most of the messages. The variable nature will not allow to calculate a precise value, but taking some reasonable average values for the variable fields, one can get a good approximation of the overhead. Now, let’s go through each of the messages and consider their sizes.

    • ClientHello – the average size of initial client hello is about 160 to 170 bytes. It will vary based on the number of ciphersuites sent by the client as well as how many TLS ClientHello extensions are present. If session resumption is used, another 32 bytes need to be added for the Session ID field.
    • ServerHello – this message is a bit more static than the ClientHello, but still variable size due to TLS extensions. The average size is 70 to 75 bytes. -Certificate – this message is the one that varies the most in size between different servers. The message carries the certificate of the server, as well as all intermediate issuer certificates in the certificate chain (minus the root cert). Since certificate sizes vary quite a bit based on the parameters and keys used, I would use an average of 1500 bytes per certificate (self-signed certificates can be as small as 800 bytes). The other varying factor is the length of the certificate chain up to the root certificate. To be on the more conservative side of what is on the web, let’s assume 4 certificates in the chain. Overall this gives us about 6k for this message.
    • ClientKeyExchange – let’s assume again the most widely used case – RSA server certificate. This corresponds to size of 130 bytes for this message.
    • ChangeCipherSpec – fixed size of 1 (technically not a handshake message)
    • Finished – depending whether SSLv3 is used or TLS, the size varies quite a bit – 36 and 12 bytes respectively. Most implementations these days support TLSv1.0 at least, so let’s assume TLS will be used and therefore the size will be 12 bytes

    So the minimum can be as big (or small) as:

    20 + 28 + 170 + 75 + 800 + 130 + 2*1 + 2*12 ≈ 1249
    

    Though according to the article, the average is about 6449 bytes.

    Also it is important to know that TLS sessions can be resumed, so only the 1st connection has this overhead. All other messages have about 330 bytes plus.

提交回复
热议问题