|
|
|
|
|
|
by skissane
249 days ago
|
|
|
z/OS has this interesting feature AT-TLS (Application Transparent TLS)-an app requesting a plaintext socket may silently get a TLS socket instead (with the TLS implemented in the OS), based on a policy defined by the system administrator. Maybe the solution might be something similar… an app asks for a TCP socket, but (if the request matches a policy) it gets an MPTCP socket instead-so you could make apps use MPTCP even if they weren’t compiled to support it. Maybe you could implement this using LD_PRELOAD/ptrace/eBPF/etc |
|
|
But the best is to let the app (and their users) controlling that, with a nice option. With Chrome/Firefox/..., we could enable MPTCP per domain for example.