httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacob Champion <champio...@gmail.com>
Subject Re: [users@httpd] explicitly including other ciphers for use with https
Date Tue, 08 Dec 2015 01:40:22 GMT
On 12/07/2015 05:06 PM, William A Rowe Jr wrote:
> On Mon, Dec 7, 2015 at 2:39 PM, Ron Croonenberg <ronc@lanl.gov
> <mailto:ronc@lanl.gov>> wrote:
>
>     Hello,
>
>     I a building a storage system, using HTTP/HTTPS for ingesting data.
>
>     I would like to use the authentication over HTTPS, while after that
>     I want no encryption on the data because of peformance.
>
>
> Then you probably don't understand the performance impact of TLS.

To help Ron out a little... he's coming from this conversation [1] on 
the openssl-users mailing list, where he's described his rather unusual 
network topology already.

I'm still unsure as to whether or not his proposed solution is secure... 
but I am convinced that his use case is atypical.

>Otherwise,
> any man-in-the-middle can observe the data in transit and alter
> the data passed between your client and backend storage server

Wait, why does the use of NULL encryption have any effect on the 
authenticity/integrity characteristics of the cipher? I asserted 
otherwise on openssl-users and was not corrected...

--Jacob

[1] https://marc.info/?t=144900982700003&r=1&w=2

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message