-
Type: Spec Change
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Component/s: Client Side Encryption
Summary
Specify socket/connect timeout to use for KMS requests
Consider adding an option to configure the timeout.
Background & Motivation
When libmongocrypt enters the MONGOCRYPT_CTX_NEED_KMS state, drivers are expected to connect with TLS to a KMS service and do a socket write and read. It is not currently specified what socket/connect timeouts are expected.
Drivers do not appear to apply timeouts consistently (ranging from 10 seconds, to 5 minutes, to "no timeout"). There is a report of KMS timeouts observed under heavy load with the Java driver using the 10 second timeout.
- is related to
-
CSHARP-4461 Add default socket timeouts for kms calls
- Backlog