| I'm kind of surprised about this repeated "I just use nginx" argument, it doesn't make sense to me at all. If your site runs fine, in all situations you care about, without FOO, you would be pretty lame if you increased its complexity with FOO nonetheless, for any value of FOO. That is more or less exactly the central argument of the piece I wrote. The KISS principle dictate that I do not add SSL/TLS to Varnish, because it would just increase complexity without any comparable net increase in benefits. Yes, it's probably (slightly) more work to configure a SSL-terminating proxy and varnish, but that is the maximal benefit you can hope to obtain if I implement SSL/TLS. On the other hand, having SSL termination in a clearly defined separate layer gives you at least the following benefits: You can change implementation in one layer without affecting the other. You can scale one layer separate from the other. You can have different administrator access in one layer than the other. You can scale the SSL layer for CPU and the Varnish layer for RAM. You can have multiple independent implementations of your SSL termination, thereby vastly increasing the chances that you don't have to shut down next time some SSL library breaks. &c &c &c |
Any eta on v4.1 with PROXY support? I didn't find much when looking quickly (and from a phone)