latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
hhoffman at ip-solutions.net
Sat Nov 2 02:06:56 UTC 2013
That's with a recommendation of using RC4.
Head on over to the Wikipedia page for SSL/TLS and then decide if you want rc4 to be your preference when trying to defend against a adversary with the resources of a nation-state.
Niels Bakker <niels=nanog at bakker.net> wrote:
>* mikal at stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]:
>>Its about the CPU cost of the crypto. I was once told the number of
>>CPUs required to do SSL on web search (which I have now forgotten)
>>and it was a bigger number than you'd expect -- certainly hundreds.
>"On our production frontend machines, SSL/TLS accounts for less than
>1% of the CPU load, less than 10KB of memory per connection and less
>than 2% of network overhead. Many people believe that SSL takes a lot
>of CPU time and we hope the above numbers (public for the first time)
>will help to dispel that."
> -- Niels.
More information about the NANOG