[145732] in cryptography@c2.net mail archive
Re: towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Wed Aug 25 23:25:45 2010
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <OF7CA25405.45F895BC-ON8525778A.00476B45-8525778A.0047CF0B@us.ibm.com>
Date: Wed, 25 Aug 2010 14:43:49 -0400
Cc: cryptography@metzdowd.com, =JeffH <Jeff.Hodges@KingsMountain.com>
To: Richard Salz <rsalz@us.ibm.com>
On Aug 25, 2010, at 9:04 20AM, Richard Salz wrote:
>> Also, note that HSTS is presently specific to HTTP. One could imagine
>> expressing a more generic "STS" policy for an entire site
>
> A really knowledgeable net-head told me the other day that the problem
> with SSL/TLS is that it has too many round-trips. In fact, the RTT costs
> are now more prohibitive than the crypto costs. I was quite surprised to
> hear this; he was stunned to find it out.

This statement is quite correct. I know of at least one major player
that was very reluctant to use SSL because of this issue; the round
trips, especially on intercontinental connections, led to considerable
latency, which in turn hurt the perceived responsiveness of their
service.

We need to do something about the speed of light. Is anyone working on
hyperwave or subether technologies?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com