[erlang-questions] TLS distribution: why proxy?

Magnus Henoch <>
Wed Oct 28 17:31:38 CET 2015


Hi all,

I'm looking into the code for running the Erlang distribution protocol over
TLS, as described in
http://www.erlang.org/doc/apps/ssl/ssl_distribution.html . I've noticed
that the code uses a proxy: for each node, there is one TLS-encrypted
connection to the remote node, and one non-encrypted connection over
localhost, all managed by a proxy process that just receives data on the
non-encrypted connection and sends it to the TLS connection and vice versa.

To me it would seem more rational to use a TLS connection directly, so
surely there must be a good reason for things being done this way, but I
haven't found any, neither in comments nor in the version history. Does
anyone know why the TLS distribution is set up in this way?

Regards,
Magnus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20151028/19823086/attachment.html>


More information about the erlang-questions mailing list