Is anyone successfully using some sort of hardware crypto solution to combat the overhead of SSL in http transactions? I'd love to hear anything good or bad about this. -Bill -- -=| Bill Swingle - <unfurl@(dub.net|freebsd.org)> -=| Every message PGP signed -=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223 -=| "Computers are useless. They can only give you answers" Pablo Picasso -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20031021/a68ebd37/attachment.bin
Dont know about http ssl, but I am using the cards from Soekris for my
backup server. As long as you use 3des for encryption, it does make a big
difference CPU wise. The next generation cards supposedly have AES and
public key generation, but I dont think the driver will do the public key
stuff. The safe driver says it does, but I dont know where to get such cards.
---Mike
At 11:27 PM 21/10/2003, Bill Swingle wrote:>Is anyone successfully using some sort of hardware crypto solution to
>combat the overhead of SSL in http transactions? I'd love to hear
>anything good or bad about this.
>
>-Bill
>
>--
>-=| Bill Swingle - <unfurl@(dub.net|freebsd.org)>
>-=| Every message PGP signed
>-=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223
>-=| "Computers are useless. They can only give you answers" Pablo
Picasso
>
>
>
On 2003-10-21 20:27 -0700, Bill Swingle <unfurl@dub.net> wrote:> Is anyone successfully using some sort of hardware crypto solution to > combat the overhead of SSL in http transactions? I'd love to hear > anything good or bad about this.Bill, Alteon and F5, among others, both make SSL acceleration appliances. I'm sure a device like this would greatly speed the processing of your HTTPS transactions. Good stuff. Greg -- Gregory S. Sutter Brutalized, compromised, mailto:gsutter@zer0.org corrupted and debased. http://zer0.org/~gsutter/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 155 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20031022/29d8e359/attachment.bin