Sam Stickland sam_mailinglists at
Thu Jul 24 11:50:16 UTC 2008

Steven M. Bellovin wrote:
> As for CPU time -- remember that most web site visits are very short;
> this in turn means that you have to amortize the SSL setup expense over
> very few pages.  I talked once with a competent system designer who
> really wanted to use https but couldn't -- his total system cost would
> have gone up by a factor of 10.
We handle the SSL decryption on the front-end load-balancers (hardware 
assisted). For financial transactions the load-balancers also maintain 
long-lived SSL connections to the webservers, that the decrypted data is 
pipelined into. This avoids the expensive session setup and teardown on 
the servers.


More information about the NANOG mailing list