Hacker News new | ask | show | jobs
by taligent 5121 days ago
Actually you didn't even pick the best benchmark. Almost all dedicated servers support AES-NI which can make a staggering difference to your site's SSL performance. This is not available to EC2 AFAIK.

http://www.tomshardware.com/reviews/clarkdale-aes-ni-encrypt...

http://forum.nginx.org/read.php?2,181676
2 comments
moonboots 5120 days ago
It should be noted that the AES-NI TLS speedup only occurs if you are using AES. If you are using RC4 (Google and Facebook use this), you won't benefit from the new cpu instruction. Here's another useful TLS benchmark I came across:

http://zombe.es/post/4078724716/openssl-cipher-selection

link
cmer 5121 days ago
You get my upvote. I had never heard of this before. Definitely interesting and something to keep in mind nowadays.
link
taligent 5121 days ago
I know I only stumbled it across it recently. It's strange because as SPDY takes off SSL is going to be a critical part of the overall performance.

Apparently AES-NI is also available in version Xen 4.0+ for VPS users as well. Something to ask your VPS provider.

link