Security Basics mailing list archives
RE: questions on SSL
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 14 Nov 2008 10:02:28 -0800
The bandwidth overhead for SSL is quite small, and shouldn't be an issue. However, the CPU load of the encryption/decryption can be substantial for a popular site/domain. It's not unusual for that to be off-loaded to some sort of front-end, which may also balance load amongst a number of back-end servers. Think of it as a proxy that talks SSL to remote clients, but unencrypted to the local servers that actually process the requests. This can allow you to ramp up your SSL usage without slowing your sites to a crawl. David Gillett
-----Original Message----- From: s0h0us () yahoo com [mailto:s0h0us () yahoo com] Sent: Friday, November 14, 2008 7:28 AM To: security-basics () securityfocus com Subject: questions on SSL I'm lookig for some comments regarding using SSL to encrypt connectivity to entire website as opposed to just certain critical connections such as an online banking link at a financial institutions. is this a more common practice now? Bandwidth wouldn't seem to be as big an issue as it was in the past with dialup connections. Can one SSL certificate be used to encrypt multiple links originating from the same site: https://x.domain.com https://y.domain.com thanks for the feedback
Current thread:
- questions on SSL s0h0us (Nov 14)
- Re: questions on SSL judd . obannon (Nov 14)
- Re: questions on SSL Andre Pawlowski (Nov 14)
- RE: questions on SSL Chris Mitchell (Nov 14)
- Re: questions on SSL Ansgar Wiechers (Nov 14)
- Re: questions on SSL Ansgar Wiechers (Nov 14)
- RE: questions on SSL David Gillett (Nov 14)