• HTTPS Performance Tuning

    Following up my last post, “SSL is not computationally expensive anymore,” I noticed Google is still using a 1024-bit RSA certificate for Gmail. I did some digging and confirmed that the performance hit of using a 2048-bit RSA key is about five times that of 1024-bit key. So this could create a 5-10 percent load on CPU and network overhead

        in SSL Deployment, Technical
    0
  • SSL is not computationally expensive anymore

    A recurring theme in this blog is proper SSL deployment . One of the push backs that we hear is that SSL brings a lot of overhead, so it only gets deployed when absolutely necessary. Well, that myth was busted about a year ago when Google switched of Gmail to HTTPS. An article by Adam Langley of Google

        in SSL Deployment, Technical
    0
  • Nice Try Facebook

    The good news? Facebook is enabling you to experience their social media site entirely over HTTPS. The bad news is that HTTPS is not turned on by default. So if you want HTTPS, then you will have to figure it out yourself. Although probably already in the works when Firesheep was released, it appears that Facebook has rushed its implementation

        in Secure Browsing, SSL Deployment
    0