SSL
Per Buer
perbu at varnish-software.com
Mon Mar 14 13:10:41 CET 2011
On Mon, Mar 14, 2011 at 1:00 PM, Gerhard Schmidt <schmidt at ze.tum.de> wrote:
>
> It does kill your serive if your service is SSL based.
>
> Managing more config and more daemons always increses the complexity.
> More Daemons increse the probabilty of failure and increase the monitioring
> requirements.
> More Daemons increase the probailty of security problems.
> More Daemons increase the amount of time spend keepings the system up to
> date.
>
First of all. Varnish is probably never getting SSL support built in so you
can stop beating that horse.
Also, in my opinion, it's easier to have two simple systems than one complex
system. Having small dedicated programs is the beautiful design principle of
Unix and as long as it won't influence performance I'm sold.
IMO this is mostly a packaging issue. If we repackage stunnel as
"varnish-ssl" and makes it "just work" it will be dead simple. It does
however, put the pressure on us to maintain it, but that is minor.
--
Per Buer, Varnish Software
Phone: +47 21 98 92 61 / Mobile: +47 958 39 117 / Skype: per.buer
Varnish makes websites fly!
Want to learn more about Varnish?
http://www.varnish-software.com/whitepapers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20110314/e84554b4/attachment-0003.html>
More information about the varnish-misc
mailing list