Hi, (Cc me on replies; not subscribed to the list)
I've been exploring alternatives for our SSL termination needs and, obviously, HAProxy 1.5 (congrats for the release!) is one of the contenders ;) As the target deployment is very high traffic, one of the said needs would be a distributed SSL session cache, plus a shared rotation scheme for synchronizing SSL ticket key rollovers. So far, the only ones being close to able to do this are Apache 2.4 (with memcached) and stud, which is sadly unmaintained. Now, the situation with stud is interesting: much of HAProxy's SSL code is similar with stud and was written by basically the same (Exceliance) people; stud's session cache distribution method, based on a custom UDP protocol over multicast, was written back in 2011 by Exceliance's Emeric Brun: https://github.com/bumptech/stud/pull/50; Vincent Bernat (one of HAProxy's Debian maintainers) also gave ticket sharing a go with https://github.com/bumptech/stud/pull/30 which was deliberated with Emeric but never properly implemented and merged. So, before we go and reimplement this feature in HAProxy, possibly stealing some code from stud ;), it seems prudent to ask: why wasn't this stud feature ported to HAProxy, despite the two projects being so close to each other? Are there any plans to do so by Exceliance^WHAProxy Technologies or other contributors on this list? Any other pitfalls we should be aware of? Thanks, Faidon
