[HTTPS-Everywhere] -1

Peter Eckersley pde at eff.org
Sun Oct 17 09:50:30 PDT 2010 

Well, we don't want to force you to turn your service off!  We'd be willing to
consider turning the identi.ca rule off by default if you feel there's no
alternative.

More generally, our sense is that it's no longer stricly necessary to buy special
hardware, or more harwarde, to do HTTPS:

http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

However, for sites that don't have the engineering resources that Google has
been able to throw at SSL, that's probably more of a theoretical truth than an
actual truth.  Has anyone on this list tried to replicate the optimisations
that Adam Langley describes in the context of a typical open source web stack?
Is there anything we should be doing to help make this easier to deploy?

On Thu, Oct 14, 2010 at 03:46:24PM -0400, Evan Prodromou wrote:
> Here's my quick feedback on HTTPS-everywhere, from a service providers'
> perspective.
> 
> On our service, we only have certain sensitive pages linked under HTTPS.
> The vast majority are linked under HTTP. You can get to them with HTTPS,
> but they won't work well.
> 
> Why? Because HTTPS is costly. Tricks that we use to spread lots of hits
> over many cheap servers don't work with HTTPS. If we were to use HTTPS
> for all pages, say, we'd probably need twice as many  Web servers.
> 
> Our software's Open Source and federated, so if someone wants to run it
> on their own server with SSL enabled all the time (we support that),
> they can.
> 
> But if everyone used HTTPS-everywhere to access our servers, it would
> mean we'd have to shut down our service for everyone.
> 
> -Evan
> 
> 
> ________________________________________________________________________
> Evan Prodromou, CEO
> StatusNet Inc., 1124 rue Marie-Anne Est #32, Montreal, QC H2J 2T5
> T: 438-380-4801 x101 C: 514-554-3826 W: http://evan.status.net/ E:
> evan at status.net
> 
> 

> _______________________________________________
> HTTPS-everywhere mailing list
> HTTPS-everywhere at mail1.eff.org
> https://mail1.eff.org/mailman/listinfo/https-everywhere


-- 
Peter Eckersley                            pde at eff.org
Senior Staff Technologist         Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993

More information about the HTTPS-everywhere mailing list