Re: I revised the pro/contra document

On Sat, Nov 23, 2013 at 4:01 PM, Michael Sweet <msweet@apple.com> wrote:

> Alexandre,
>
> There is a processing overhead associated with encryption - I've seen up
> to a 40% speed penalty for printers, for example. When applied to streaming
> of large files like movies (which already have their own layer of
> protections), that generally means the provider needs more servers with
> hardware accelerated TLS, and similarly more processing needs to be done on
> each client which may limit the quality/quantity of video that can be
> played. And imagine the increased power usage - not the direction most
> people are trying to go...
>

Do you have any benchmarks on this?  Or a breakdown of printers print that
slowly?  Are these modern printers or old ones?

If a typical printer is printing 10ppm, we need to keep the flow of a page
of data per 6 seconds.  In 6 seconds, you can do a lot of computing and
transmit a boatload of bits, even on a modest printer.  I know that
printers use small and sometimes memory constrained CPUs, but given the
slowness of actually printing a page, I have a hard time believing that TLS
can't keep up most of the time.  I also wouldn't be surprised if the
failure here was implementation quality rather than TLS itself.

So before we throw TLS under the bus for all of the internet in order to
save what may be a tiny segment of printers (that can still use HTTP/1.1 if
they want to!), I think we should quantify this problem with real data.

For what it is worth, despite my skepticism about the 40% number, I'd still
rather prefer safe data transmission and a 40% print speed loss than have
my data stolen by the guy sitting next to me at kinko's.

Mike







>
> Aside from the basic resource issues, consider printing again. Most
> printers are not used in environments that need encryption. Those that do
> often do not have stable addresses or host names, making authentication and
> certificate management a greater challenge. So for printers I have
> personally fought hard for all TLS support but not necessarily to enable it
> by default.
>
> Sent from my iPad
>
> > On Nov 23, 2013, at 4:27 PM, Alexandre Anzala-Yamajako <
> anzalaya@gmail.com> wrote:
> >
> > I am sorry if these points were discussed before but i don't get why tls
> isn't appropriate for media files or why we shouldn't secure our
> connections to printers ?
> >
> > Cheers
>
>

Received on Sunday, 24 November 2013 01:13:02 UTC