W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2011

RE: Facebook moves to HTTPS

From: Peter Williams <home_pw@msn.com>
Date: Thu, 27 Jan 2011 06:37:31 -0800
Message-ID: <SNT143-w564DEA34633A8263C7C31292FE0@phx.gbl>
To: <henry.story@bblfish.net>, <public-xg-webid@w3.org>

Like google earlier, the Facebook announcement is newsworthy mostly because of the engineering issues, more than anything. The equipment is there to handle the load (and has been for several years). 
 
So, there may be a cryptographic element in our discussions. We have to project to web size, and engineer for hardware. This means really understanding SSLs design historyL how the hardware of earlier generations impacted its re-design, the pipelining, the message pump..its integration in general into a switched data center.
 
> From: henry.story@bblfish.net
> Date: Thu, 27 Jan 2011 15:21:51 +0100
> To: public-xg-webid@w3.org
> Subject: Facebook moves to HTTPS
> 
> Kingsely Idehen made me aware that Facebook will be moving to HTTPS
> by tweeting the article 
> "Zuckerberg's Page Hacked, Now Facebook To Offer "Always On" HTTPS"
> 
> http://www.readwriteweb.com/archives/zuckerbergs_facebook_page_hacked_and_now_facebook.php
> 
> probably due to the bad publicity of tools such as Firesheep.
> 
> A Google Employee posted some information a little while ago on how
> to why SSL server side was no longer a problem in "Overclocking SSL"
> 
> http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
> 
> Peter Williams on the foaf-protocols mailing list shortly had an
> argument how Google's trick could be useful for WebID, but also
> an argument why he thought it was bad. I did not go into that
> discussion at the time, as I thought this forum would be a better
> place to have it.
> 
> So this is a note that we should look into this in more detail here.
> 
> Peter if you can copy your argument as a response to this mail, that
> would be helpful.
> 
> Henry
> 
> PS. I have added the Facebook link to the FAQ
> http://esw.w3.org/Foaf%2Bssl/FAQ#Is_SSL_not_really_expensive_server_side_to_Process.3F_To_expensive_for__Google_.3F
> 
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
 		 	   		  
Received on Thursday, 27 January 2011 14:38:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 27 January 2011 14:38:04 GMT