On 03/16/2015 11:37 PM, Dave Warren wrote: > I'm curious if anyone has ever looked at HTTPS Everywhere's database > and considered dropping sites that are in preloaded HSTS lists? -- I'm > assuming that part of the performance impact is linked to the number > of rules, and under this theory, it seems like reducing the number of > rules without reducing security would be a net win. I've definitely considered this, but I think it's not likely to be a big performance win. As I understand it, there are ~300 hostnames on the preloaded list (updated numbers welcome!), vs ~14.5k rulesets in HTTPS Everywhere, with many hostnames per ruleset.
I'm extremely interested in improving the performance of HTTPS Everywhere with regards to both CPU and RAM. If you are interested in doing some work in the area, I would really appreciate it. I think the first step would be to do a CPU and RAM profile of the extension under some example usage (i.e. open N URLs that have either a top-level rewrite or many embedded rewrites). _______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
