Re: Encrypted SMTP (was Re: wish list)

[Ray Jones <rjones@pobox.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ron Arts <raarts@netland.nl> writes:

> According to my experience with HTTP servers (I am responsible for
> over a thousand) HTTPS request are at least 10 times as CPU
> intensive as normal requests.  This is a pretty well known fact
> among SSL users and experts.

I can certainly believe that.  Encryption is a lot more CPU intensive
than just copying a buffer.  CPU-intensiveness isn't the only limit to
speed, though.

> Tests have shown that webservers that could normally handle tens to
> hundreds of requests per second bogged down to as low as three per
> second when everything went through the SSL port.

Is this 3 new session-key generations going on per second, or just 3
pages served per second with previously generated keys?

> If all SMTP sessions in the world would be SSL, then the amount
> of installed CPU power would definitely need to rise a lot....

... which is going to happen anyway.  IPSec will drive the increase if
encrypted SMTP doesn't.  

It's a cost/benefit analysis.  Unfortunately, many people won't see
the benefit that they get for encrypting all of their messages, even
the ones that they're not concerned about being compromised.

Ray Jones
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3XRWcY4NKW4VSSGARAtfIAJ46GcesgHvyUILsK3fD71sv+Vh8ZgCgjCfU
E9z1ez5jFNEVrrEE8oQ7o08=
=xhh7
-----END PGP SIGNATURE-----
-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/