mailing list archives
RE: questions on SSL
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 14 Nov 2008 10:02:28 -0800
The bandwidth overhead for SSL is quite small, and shouldn't
be an issue.
However, the CPU load of the encryption/decryption can be
substantial for a popular site/domain. It's not unusual for
that to be off-loaded to some sort of front-end, which may
also balance load amongst a number of back-end servers. Think
of it as a proxy that talks SSL to remote clients, but
unencrypted to the local servers that actually process the
requests. This can allow you to ramp up your SSL usage without
slowing your sites to a crawl.
From: s0h0us () yahoo com [mailto:s0h0us () yahoo com]
Sent: Friday, November 14, 2008 7:28 AM
To: security-basics () securityfocus com
Subject: questions on SSL
I'm lookig for some comments regarding using SSL to encrypt
connectivity to entire website as opposed to just certain
critical connections such as an online banking link at a
financial institutions. is this a more common practice now?
Bandwidth wouldn't seem to be as big an issue as it was in
the past with dialup connections.
Can one SSL certificate be used to encrypt multiple links
originating from the same site:
thanks for the feedback