Home page logo

basics logo Security Basics mailing list archives

RE: questions on SSL
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 14 Nov 2008 10:02:28 -0800

  The bandwidth overhead for SSL is quite small, and shouldn't
be an issue.

  However, the CPU load of the encryption/decryption can be 
substantial for a popular site/domain.  It's not unusual for
that to be off-loaded to some sort of front-end, which may
also balance load amongst a number of back-end servers.  Think
of it as a proxy that talks SSL to remote clients, but 
unencrypted to the local servers that actually process the
requests.  This can allow you to ramp up your SSL usage without
slowing your sites to a crawl.

David Gillett

-----Original Message-----
From: s0h0us () yahoo com [mailto:s0h0us () yahoo com] 
Sent: Friday, November 14, 2008 7:28 AM
To: security-basics () securityfocus com
Subject: questions on SSL

I'm lookig for some comments regarding using SSL to encrypt 
connectivity to entire website as opposed to just certain 
critical connections such as an online banking link at a 
financial institutions. is this a more common practice now? 
Bandwidth wouldn't seem to be as big an issue as it was in 
the past with dialup connections. 
Can one SSL certificate be used to encrypt multiple links 
originating from the same site:

thanks for the feedback

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]