WebApp Sec mailing list archives
Re: Idea for making SSL more efficient
From: "Frank O'Dwyer" <fod () littlecatZ com>
Date: Sun, 18 Jul 2004 15:14:06 +0100
V. Poddubnyy wrote:
Yes that's true. <img src="https://myserver/mypic.jph" hash="ab1234..."> would be enough though (i.e. have modified clients just change the scheme to http implicitly), or have the server serve a different page based on the user agent header. The hash is going to tend to expand the message too though - depends whether the increase in cache hits will be worth it.Do you mean: <img src="https://myserver/mypic.jpg" supersrc="http://myserver/mypic.jpg" hash="agqwe54"> ? I think this will help to revert back the traffic size, because any image will contain additional link...
Well never 3 - twice at most, and only if the cache is broken. You'll average 1.something downloads per image if the cache works at all (just 1 if it works perfectly) - whether that's going to be worth it depends on how well the cache works, and whether it's cheaper to access the cache than the end server, which depends on all sorts of factors.So poor dial-up users will need to download 100 Kb image up to 2 or 3 times (from proxy, from original server, then may be via SSL) to be sure it iscorrect image?
And if the page contains many images that chage often? You will need to use standard SSL for those images to prevent many redownloads...
Yes, but so what. That's how it is now. Cheers, Frank
Current thread:
- Idea for making SSL more efficient Paul Johnston (Jul 16)
- Re: Idea for making SSL more efficient Kurt Seifried (Jul 17)
- Re: Idea for making SSL more efficient Frank O'Dwyer (Jul 18)
- RE: Idea for making SSL more efficient V. Poddubnyy (Jul 18)
- Re: Idea for making SSL more efficient Frank O'Dwyer (Jul 18)
- Re: Idea for making SSL more efficient Frank O'Dwyer (Jul 18)
- Re: Idea for making SSL more efficient Kurt Seifried (Jul 17)
- <Possible follow-ups>
- RE: Idea for making SSL more efficient Scovetta, Michael V (Jul 16)
- RE: Idea for making SSL more efficient Michael Howard (Jul 16)
- Re: Idea for making SSL more efficient Frank O'Dwyer (Jul 16)
- Re: Idea for making SSL more efficient Jason Coombs PivX Solutions (Jul 16)
- RE: Idea for making SSL more efficient Michael Howard (Jul 16)
- Re: Idea for making SSL more efficient Kurt Seifried (Jul 16)
- Re: Idea for making SSL more efficient Kurt Seifried (Jul 18)
- Re: Idea for making SSL more efficient Frank O'Dwyer (Jul 18)