Hacker News new | ask | show | jobs
by profmonocle 4070 days ago
> The most obvious example is that you don't want to bog down your countrys civil defence agency with SSL/TLS protocol negotiations, if their website is being deluged by people trying to survive a natural disaster.

If TLS overhead is the last straw that brings down a web site, the site's infrastructure isn't suitable for delivering safety-critical information.
1 comments
floatboth 4070 days ago
This. Google measured TLS overhead on their servers – it was very small. If you can do TLS on Google scale, you can do it anywhere.
link
smutticus 4070 days ago
It really depends on what your bottleneck is. If your bottle neck is already CPU, then TLS is not that big of a deal. If, OTOH, your bottleneck is disk, then implementing TLS can create substantial overhead.
link
nine_k 4070 days ago
How so? If your bottleneck is disk, you probably have quite some CPU cycles to spare, because the CPU is waiting for I/O most of the time.
link
dijit 4070 days ago
there's more to it than that I guess.

TLS adds quite a bit of memory overhead, it increases the network bandwidth due to padding, and if your CPU is eqipped with AES extensions (modern ones) then you still do compression usually.

it can be difficult to cache certain things with TLS also- since you can't do transparent caching. (although this is more a problem for those running squid proxies at work on a stretched out line).

TLS is certainly an overhead and it's not required in cases where I'm checking a bulletin about earthquakes.

link
marcosdumay 4070 days ago
What?

How does TLS increase disk usage?

link
phkamp 4070 days ago
Are you willing to pay increased taxes, so that FEMA (Or your countrys similar) can afford to run 100.000 servers, in order to "do TLS on Google scale", so that they can get emergency orders out for civil defence ?

Have your forgotten (or maybe never seen ?) CNN's traffic graph from 9/11 ?

Experience so far is that emergency services web-pages tend to die the instant they are most needed. Addint TLS will just make that happen even more.

link
faker_ 4070 days ago
You really need to update your facts. CPU overhead is already less than 1%. https://istlsfastyet.com/
link
M2Ys4U 4070 days ago
> Are you willing to pay increased taxes, so [...] that they can get emergency orders out for civil defence ?

Unquestionably, yes.

link