| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| q=dns; s=default; b=ZtjC01GCfM5KvMA1KQuMUJ5JVuoO0z6SmkjyjOi5chz | |
| tDPoa/+Wv+mhwfN2qRzv753qiIx4B25izcUXoXzlc6XMmbscqxHL7ltnm0V9nu0R | |
| 10ioT0nmS3+zRCN1E01TK6natTgSQ0eABPWeLLCSVw+kkkrbKlTpo+zsElDNhHU8 | |
| = | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| s=default; bh=Ss0+3qO14QUrLs5Tjj3dETTJk5s=; b=LJtaDbnVMYUbzrPzB | |
| jUkw9CWzAswqDgk8YDt3SesTq6eZkCQQ9vPpK/CKIMjJzweUWyqZLFtQ7gaII1AC | |
| OF/3sR1N50UPlaRM6HWPbpKigeyKVyAKuMKSW8mkhidIh+cg13X95R8+GH1fTJME | |
| sUXlEEOI9pbRZ8Yli9yigLEaAM= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-0.2 required=5.0 tests=BAYES_50,RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=H*F:U*cygwin, decade, encryption, H*r:192.168.3 |
| X-HELO: | Ishtar.sc.tlinx.org |
| Message-ID: | <57204FB0.7030201@tlinx.org> |
| Date: | Tue, 26 Apr 2016 22:35:44 -0700 |
| From: | Linda Walsh <cygwin AT tlinx DOT org> |
| User-Agent: | Thunderbird |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Proposed patch for web site: update most links to HTTPS |
| References: | <BL2PR03MB228A4FE7B2CCA51E5FF5163DF610 AT BL2PR03MB228 DOT namprd03 DOT prod DOT outlook DOT com> <1074467721 DOT 20160425030008 AT yandex DOT ru> <BL2PR03MB22817533DCF96CD385BD883DF620 AT BL2PR03MB228 DOT namprd03 DOT prod DOT outlook DOT com> <48360918 DOT 20160425084918 AT yandex DOT ru> <20160425124332 DOT GO2345 AT dinwoodie DOT org> |
| In-Reply-To: | <20160425124332.GO2345@dinwoodie.org> |
| X-IsSubscribed: | yes |
Adam Dinwoodie wrote: > Secure connections historically had a high overhead, sure, but that's > very rarely the case nowadays. Certainly my experince of loading the > Cygwin web page is that there's no perceptible difference between the > http and https versions. Adam Langley (a senior engineer at Google) > wrote an article back in 2010 about how TLS is now computationally > cheap[0]; it's only gotten cheaper since. ---- Google talking about benefits of https everywhere is a bit like the government telling us that having 'banks' create the rules for how we use money is "impartial". https slows down the entire web -- you think not by much -- and that's because no one knows what the speed is like if everything that could be cleartext, was. Sure crypto speedups have been added to HW, but speedups in communications HW has speed up as well. So encryption speed has gone up 100-200%, in the past decade, but in the past decade communication speeds have gone up from 100Mb-> 10Gb @ home and ~1Mb -> 50-100Mb over the external net -- that's a 1000% speedup @ home to a 5000-10000% speedup externally. That means more and more of that speed is being lost to crypto which can't keep up and be secure because it is expensive to do the computations. A different example: When I first started regular backups, I used gzip on default settings and thought my 5MB/s was 'normal'. As my network went up by 100x, I was still getting <10MB/s in backup speed. The bottleneck was the compression -- even fast compressors like lzo limit backups to less than 20-30MB/s. Compare that to uncompressed speeds: 200-400MB/s. > At the very least, the Cygwin website should be using protocol- > independent links, meaning users accessing the website using https > aren't switched to http when they click on a link (i.e. link to > "//cygwin.com/path/to/page" rather than "https://cygwin.com/..." or > "http://cygwin.com/..."). But I agree with Brian: the Cygwin website > should use https everywhere unless there's some good, specific reason > why it's a bad idea. And "TLS is slow" hasn't been a good reason for > years. --- Compared to the latency it induces over the net, and the increases in net speed, it's getting slower and slower and the penalty is getting worse by the year. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |