[cbetz]

I can't tell if this is an apology or a non-apology. It seems to have elements of both.

Clearly the moral of the story is: "Don't claim that X sucks unless you are are damn sure".

Saying something sucks is fightin' words. Don't expect to people be nice if you are wrong.

[tptacek]

Why would someone apologize for writing an informative blog post? I'm glad he wrote both, even if he had to walk the first one back a bit.

[SnowLprd]

I found both posts informative, and yet I'm with cbetz on this one. The issue isn't whether Matt's first post was informative but is instead whether it was fair|wise|necessary to say "Nginx sucks at SSL" instead of, say, "My initial testing, which needs to be investigated further, is showing Nginx SSL performance lower than other alternatives." The first headline is more likely to grab folks' attention, which is probably why Matt chose that headline. It is probably that choice that cbetz finds objectionable, and if so, I agree with him.

[pyre]

  > "My initial testing, which needs to be investigated
  > further, is showing Nginx SSL performance lower than
  > other alternatives."

You keep using that word ('headline'), but I do not think it means what you think it means.

[SnowLprd]

Okay, I'll bite. Here you go: "Initial Tests Show Slow Nginx SSL Performance" Wasn't that hard, was it?

[pyre]

My point was that you seemed to have purposely made that 'headline' that you thought he should have used needlessly verbose, to the point where it couldn't be considered a headline.

[clintjhill]

I don't know that it required an apology or if he was even really wrong in the first post.

The result was his digging into it to figure out the default config included a computationally expensive setup.

That's a debatable thing. Not necessarily wrong.

[SnowLprd]

As far as I can tell, saying "Nginx sucks at SSL" is actually not debatable and is indeed just plain wrong. Yes, the default SSL config uses a cipher that is, relatively speaking, more computationally expensive than others. That doesn't mean Nginx "sucks at SSL." Don't like the default cipher? Great -- change it.

I found the posts to be informative, but I get the impression that the "Nginx sucks at SSL" linkbait headline is what's rubbing folks the wrong way.

[pyre]

  > Clearly the moral of the story is: "Don't claim that
  > X sucks unless you are are damn sure".

More like: "If you say something that upsets people, they will spend a lot of time and effort to display their ignorance in an effort to prove you wrong -- as if you had insulted their very being -- even though you just made and honest mistake." I read the original article, and I didn't see it as an attack on Nginx, or Nginx's SSL support. He ran some benchmarks and said, "Wow, those numbers suck."

  > Don't expect to people be nice if you are wrong.

I read the HN comments here and on the original post, and I don't remember anyone saying anything about cyphers. The people that were 'not nice' were also wrong. Would that excuse the author of the post, from turning around and being 'not nice' to those people because they are wrong?