TLS Session Resumption: Full-speed and Secure: great blog post and valuable work by @lziesthttps://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/ …
-
-
Replying to @grittygrease
@grittygrease@lziest I'm not sure it's good to replicate ticket decryption keys to every PoP *worldwide*. Could you explain why you do it?1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@grittygrease@lziest In particular, it seems like a person is likely to only hit 1 or 2 PoPs closest to them, so why send key worldwide?1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@lziest Simplicity and failover. We take a location out of production, this helps reduce the cost at the failover sites.1 reply 0 retweets 1 like -
Replying to @grittygrease
@grittygrease@lziest Thanks. It also means that any compromised PoP compromises every SSL session worldwide, right?2 replies 0 retweets 0 likes
@grittygrease @lziest It seems feasible to lazily replicate keys on need-to-know basis to handle failover. Not sure how much it would help.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.