https

• Previous message (by thread): https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
• Next message (by thread): https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Steven M. Bellovin wrote:
> As for CPU time -- remember that most web site visits are very short;
> this in turn means that you have to amortize the SSL setup expense over
> very few pages.  I talked once with a competent system designer who
> really wanted to use https but couldn't -- his total system cost would
> have gone up by a factor of 10.
>   
We handle the SSL decryption on the front-end load-balancers (hardware 
assisted). For financial transactions the load-balancers also maintain 
long-lived SSL connections to the webservers, that the decrypted data is 
pipelined into. This avoids the expensive session setup and teardown on 
the servers.

Sam

• Previous message (by thread): https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
• Next message (by thread): https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]